CVSS: 10.0EPSS: 3%CPEs: 6EXPL: 1CVE-2014-0007 – Foreman Smart-Proxy - Remote Command Injection
https://notcve.org/view.php?id=CVE-2014-0007
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file. Smart-Proxy en Foreman anterior a 1.4.5 y 1.5.x anterior a 1.5.1 permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en el parámetro path en tftp/fetch_boot_file. • https://www.exploit-db.com/exploits/39222 http://projects.theforeman.org/issues/6086 http://rhn.redhat.com/errata/RHSA-2014-0770.html https://access.redhat.com/security/cve/CVE-2014-0007 https://bugzilla.redhat.com/show_bug.cgi?id=1105369 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-0173
https://notcve.org/view.php?id=CVE-2013-0173
Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack. Foreman anterior a 1.1 utiliza un salt de 'foreman' para crear hashes de contraseñas root, lo que facilita a atacantes adivinar la contraseña a través de un ataque de fuerza bruta. • http://projects.theforeman.org/issues/2069 http://theforeman.org/security.html • CWE-310: Cryptographic Issues •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-0090
https://notcve.org/view.php?id=CVE-2014-0090
Session fixation vulnerability in Foreman before 1.4.2 allows remote attackers to hijack web sessions via the session id cookie. Vulnerabilidad de fijación de sesión en Foreman anterior a 1.4.2 permite a atacantes remotos secuestrar sesiones web a través de la cookie session id. • http://projects.theforeman.org/issues/4457 http://theforeman.org/security.html https://bugzilla.redhat.com/show_bug.cgi?id=1072151 • CWE-287: Improper Authentication •
CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 0CVE-2012-5477
https://notcve.org/view.php?id=CVE-2012-5477
The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors. Smart Proxy en Foreman anterior a 1.1 utiliza un umask configurado a 0, lo que permite a usuarios locales modificar archivos creados por el demonio a través de vectores no especificados. • http://projects.theforeman.org/issues/1929 http://theforeman.org/security.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-0187
https://notcve.org/view.php?id=CVE-2013-0187
Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or (2) AJAX request. Foreman anterior a 1.1 permite a usuarios remotos autenticados ganar privilegios a través de una solicitud (1) XMLHttpRequest o (2) AJAX. • http://theforeman.org/security.html • CWE-264: Permissions, Privileges, and Access Controls •