CVE-2011-4954
https://notcve.org/view.php?id=CVE-2011-4954
Cobbler has a local privilege escalation via the use of an insecure location for PYTHON_EGG_CACHE.
• http://www.openwall.com/lists/oss-security/2012/04/12/10
• https://access.redhat.com/security/cve/cve-2011-4954
• https://bugs.gentoo.org/show_bug.cgi?id=CVE-2011-4954
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4954
• https://security-tracker.debian.org/tracker/CVE-2011-4954
• CWE-269: Improper Privilege Management
CVE-2011-4952
https://notcve.org/view.php?id=CVE-2011-4952
Cobbler: the web interface lacks CSRF protection when using the Django framework.
• http://www.openwall.com/lists/oss-security/2012/04/12/10
• https://access.redhat.com/security/cve/cve-2011-4952
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4952
• https://security-tracker.debian.org/tracker/CVE-2011-4952
• CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2018-1000226
https://notcve.org/view.php?id=CVE-2018-1000226
Cobbler (verified as present in versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable) contains an Incorrect Access Control vulnerability in the XMLRPC API (/cobbler_api) that can result in privilege escalation, data manipulation or exfiltration, and LDAP credential harvesting. This attack appears to be exploitable via "network connectivity", taking advantage of improper validation of security tokens in API endpoints. Please note this is a different issue than CVE-2018-10931.
• https://github.com/cobbler/cobbler/issues/1916
• https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api
• CWE-732: Incorrect Permission Assignment for Critical Resource
CVE-2018-1000225
https://notcve.org/view.php?id=CVE-2018-1000225
Cobbler (verified as present in versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable) contains a Cross Site Scripting (XSS) vulnerability in cobbler-web that can result in privilege escalation to admin. This attack appears to be exploitable via "network connectivity", by sending an unauthenticated JavaScript payload to the Cobbler XMLRPC API (/cobbler_api).
• https://github.com/cobbler/cobbler/issues/1917
• https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2014-3225 – Cobbler 2.4.x < 2.6.x - Local File Inclusion
https://notcve.org/view.php?id=CVE-2014-3225
Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile. Cobbler versions 2.6.0 and below suffer from an arbitrary file read vulnerability.
• https://www.exploit-db.com/exploits/33252
• http://packetstormsecurity.com/files/126553/Cobbler-Local-File-Inclusion.html
• http://seclists.org/oss-sec/2014/q2/273
• http://seclists.org/oss-sec/2014/q2/274
• http://www.exploit-db.com/exploits/33252
• http://www.osvdb.org/106759
• http://www.securityfocus.com/archive/1/532094/100/0/threaded
• http://www.securityfocus.com/bid/67277
• https://github.com/cobbler/cobbler/issues/939
• https://www.youtube.com/watch?v=vuBaoQUFEYQ&feature=
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')