CVE-2011-4953
https://notcve.org/view.php?id=CVE-2011-4953
The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet. La función set_mgmt_parameters en item.py en cobbler anterior a 2.2.2 permite a atacantes dependientes de contexo ejecutar código arbitrario a través de vectores relacionados con el uso de la función yaml.load en lugar de la función yaml.safe_load, tal y como fue demostrado mediante el uso de Puppet. • http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00019.html https://bugs.launchpad.net/ubuntu/oneiric/+source/cobbler/+bug/858883 https://bugzilla.novell.com/show_bug.cgi?id=757062 • CWE-20: Improper Input Validation •
CVE-2014-3225 – Cobbler 2.4.x < 2.6.x - Local File Inclusion
https://notcve.org/view.php?id=CVE-2014-3225
Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile. Vulnerabilidad de recorrido de directorio absoluto en la interfaz web en Cobbler 2.4.x hasta 2.6.x permite a usuarios remotos autenticados leer archivos arbitrarios a través del campo Kickstart en un perfil. Cobbler versions 2.6.0 and below suffer from an arbitrary file read vulnerability. • https://www.exploit-db.com/exploits/33252 http://packetstormsecurity.com/files/126553/Cobbler-Local-File-Inclusion.html http://seclists.org/oss-sec/2014/q2/273 http://seclists.org/oss-sec/2014/q2/274 http://www.exploit-db.com/exploits/33252 http://www.osvdb.org/106759 http://www.securityfocus.com/archive/1/532094/100/0/threaded http://www.securityfocus.com/bid/67277 https://github.com/cobbler/cobbler/issues/939 https://www.youtube.com/watch?v=vuBaoQUFEYQ&feature= • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2012-2395 – cobbler: command injection flaw in the power management XML-RPC API
https://notcve.org/view.php?id=CVE-2012-2395
Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) username or (2) password fields to the power_system method in the xmlrpc API. Vulnerabilidad de lista negra incompleta en action_power.py de Cobbler 2.2.0. Permite a atacantes remotos ejecutar comandos arbitrarios a través de meta-caracteres de shell en los campos (1) username o (2) password del método power_system method del API xmlrpc. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00000.html http://www.openwall.com/lists/oss-security/2012/05/23/18 http://www.openwall.com/lists/oss-security/2012/05/23/4 http://www.osvdb.org/82458 http://www.securityfocus.com/bid/53666 https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/978999 https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf https://gi • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2010-2235 – (cobbler): Code injection flaw (ACE as root) by processing of a specially-crafted kickstart template file
https://notcve.org/view.php?id=CVE-2010-2235
template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of the Cheetah template engine to execute Python statements contained in templates, which allows remote authenticated administrators to execute arbitrary code via a crafted kickstart template file, a different vulnerability than CVE-2008-6954. template_api.py en Cobbler, en versiones anteriores a la 2.0.7, como es usado en Red Hat Network Satellite Server y otros productos, no deshabilita la posiblidad del motor de plantillas Cheetah de ejecutar declaraciones Python contenidas en plantillas, lo que permite a administradores remotos autenticados ejecutar código de su elección mediante un fichero de plantilla kickstart manipulado, una vulnerabilidad diferente a CVE-2008-6954. • http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz http://www.redhat.com/support/errata/RHSA-2010-0775.html https://bugzilla.redhat.com/show_bug.cgi?id=607662 https://access.redhat.com/security/cve/CVE-2010-2235 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVE-2010-4512
https://notcve.org/view.php?id=CVE-2010-4512
Cobbler before 2.0.4 uses an incorrect umask value, which allows local users to have an unspecified impact by leveraging world writable permissions for files and directories. Cobbler en versiones anteriores a la 2.0.4 usa un valor de umask incorrecto, lo que permite a usuarios locales tener un impacto no especificado aprovechando permisos de escritura para todos en ficheros y directorios. • http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz http://secunia.com/advisories/42602 https://bugzilla.redhat.com/show_bug.cgi?id=554567 • CWE-264: Permissions, Privileges, and Access Controls •