OVAL Reference oval:com.ubuntu.precise:def:20123865000

Oval Definition:

oval:com.ubuntu.precise:def:20123865000

Revision Date:	2012-08-06	Version:	1
Title:	CVE-2012-3865 on Ubuntu 12.04 LTS (precise) - medium.
Description:	Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2012-3865
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND The 'puppet' package in precise was vulnerable but has been fixed (note: '2.7.11-1ubuntu2.1').