CVE-2012-1989
CVE-2012-1989 affects Puppet: telnet.rb in Puppet 2.7.x (before 2.7.13) and Puppet Enterprise 1.2.x, 2.0.x, and 2.5.x (before 2.5.1) allows a local user to perform a symlink attack on the NET::Telnet connection log (/tmp/out.log) and overwrite arbitrary files. Root cause: improper handling of tem...