Lucene search
PRIOn knowledge basePRION:CVE-2010-2235HistoryDec 09, 2010 - 8:00 p.m.
Design/Logic Flaw
2010-12-0920:00:00
PRIOn knowledge base
www.prio-n.com
4
template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of the Cheetah template engine to execute Python statements contained in templates, which allows remote authenticated administrators to execute arbitrary code via a crafted kickstart template file, a different vulnerability than CVE-2008-6954.
Related
osv
osv
Cobbler is vulnerable to code injection
2022-05-17 05:45:48
cve
cve
CVE-2010-2235
2010-12-09 20:00:17
CVE-2008-6954
2009-08-12 10:30:00
github
github
Cobbler is vulnerable to code injection
2022-05-17 05:45:48
nessus
nessus
RHEL 4 / 5 : cobbler (RHSA-2010:0775)
2010-10-18 00:00:00
Fedora 8 : cobbler-1.2.9-1.fc8 (2008-9723)
2008-11-21 00:00:00
Fedora 9 : cobbler-1.2.9-1.fc9 (2008-9745)
2008-11-21 00:00:00
cvelist
cvelist
CVE-2010-2235
2010-12-09 19:00:00
CVE-2008-6954
2009-08-12 10:00:00
nvd
nvd
CVE-2010-2235
2010-12-09 20:00:17
CVE-2008-6954
2009-08-12 10:30:00
gitlab
gitlab
Improper Control of Generation of Code ('Code Injection')
2022-05-17 00:00:00
prion
prion
Code injection
2009-08-12 10:30:00
openvas
openvas
Fedora Update for cobbler FEDORA-2008-9745
2009-02-17 00:00:00
Fedora Update for cobbler FEDORA-2008-9745
2009-02-17 00:00:00
Fedora Update for cobbler FEDORA-2008-9723
2009-02-17 00:00:00
redhat
redhat
(RHSA-2010:0775) Important: cobbler security update
2010-10-18 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 00:47:40