Red Hat Customer Portal

CVE-2012-3865

Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name.

Details Source

Mitre

Public Date

2012-07-10 00:00:00

Impact

Low

Bugzilla

CVE-2012-3865 puppet: authenticated clients allowed to delete arbitrary files on the puppet master

Bugzilla ID

839131

CVSS Status

verified

Base Score

2.10

Base Metrics

AV:N/AC:H/Au:S/C:N/I:N/A:P

Acknowledgements

Red Hat would like to thank Puppet Labs for reporting this issue.

External References

http://puppetlabs.com/security/cve/cve-2012-3865/

Red Hat Security Errata

| Platform | Errata | Release Date |
|---|---|---|
| Red Hat CloudForms System Engine 1 (puppet) | RHSA-2012:1542 | 2012-12-04 |
| Red Hat CloudForms Cloud Engine 1 (puppet) | RHSA-2012:1542 | 2012-12-04 |

Affected Packages State

| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise MRG 1 | puppet | Will not fix |
| Red Hat CloudForms Tools 1 | puppet | Affected |