Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."
https://puppet.com/security/cve/cve-2011-3872
https://exchange.xforce.ibmcloud.com/vulnerabilities/70970
http://www.ubuntu.com/usn/USN-1238-2
http://www.ubuntu.com/usn/USN-1238-1
http://www.securityfocus.com/bid/50356
http://secunia.com/advisories/46964
http://secunia.com/advisories/46934
http://secunia.com/advisories/46578
http://secunia.com/advisories/46550
http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/
http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1