Cobbler Remote Command Injection Vulnerability Network Vulnerability

Summary

Cobbler is prone to a remote command-injection vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the affected application.

Solution

Updates are available. Please see the references for more information.

References

http://freshmeat.net/projects/cobbler
http://www.securityfocus.com/bid/53666
https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/978999
https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf
https://github.com/cobbler/cobbler/issues/141

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2395
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ARRIS 2307 Unprotected Web Console
Advantech WebAccess Multiple Vulnerabilities
Apache Tomcat Windows Installer Privilege Escalation Vulnerability
artmedic_links5 File Inclusion Vulnerability
Adobe ColdFusion Information Disclosure Vulnerability

Take action and discover your vulnerabilities