6 matches found
EUVD-2012-5277
Malware in sbrugna...
CVE-2021-43954
The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed remote attackers, who have 'can add repository permission', to enumerate the existence of internal network and filesystem resources via a Server-Side Request Forgery SSRF vulnerability...
The vulnerability of the “add repo” component in the Cobbler network installation server allows a hacker to execute arbitrary code with root privileges.
The vulnerability of the “add repo” component in the Cobbler network installation server is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code with root privileges...
Cobbler Command Injection Vulnerability
Cobbler is a Linux installation server that allows you to quickly set up a network installation environment. A command injection vulnerability exists in the "add repo" component of Cobbler 2.8.2 and earlier. This vulnerability can be exploited to execute arbitrary code as root...
UBUNTU-CVE-2017-1000469
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user...
CVE-2012-5356
The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary...