Cobbler Remote Command Injection Vulnerability Network Vulnerability

Summary

Cobbler is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the affected application.

Solution

Updates are available. Please see the references for more information.

References

http://freshmeat.net/projects/cobbler
http://www.securityfocus.com/bid/53666
https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/978999
https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf
https://github.com/cobbler/cobbler/issues/141

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2395

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Allegro RomPager `Misfortune Cookie` Vulnerability
Apache Tomcat /servlet Cross Site Scripting
admin.cgi overflow
AWStats configdir parameter arbitrary cmd exec
Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities

Take action and discover your vulnerabilities