50 matches found
EUVD-2012-3340
Malware in sbrugna...
EUVD-2011-3175
Malware in sbrugna...
Fedora 17 : bcfg2-1.2.3-1.fc17 (2012-10391)
Sat Jul 07 2012 Fabian Affolter - 1.2.3-1 - Fix CVE-2012-3366 - Updated to new upstream version 1.2.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora Update for bcfg2 FEDORA-2012-10402
Check for the Version of bcfg2 OpenVAS Vulnerability Test Fedora Update for bcfg2 FEDORA-2012-10402 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Fedora Update for bcfg2 FEDORA-2012-10391
Check for the Version of bcfg2 OpenVAS Vulnerability Test Fedora Update for bcfg2 FEDORA-2012-10391 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Fedora Update for bcfg2 FEDORA-2012-10391
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for bcfg2 FEDORA-2012-10402
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 16 : bcfg2-1.2.3-1.fc16 (2012-10402)
Sat Jul 07 2012 Fabian Affolter - 1.2.3-1 - Fix CVE-2012-3366 - Updated to new upstream version 1.2.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
[SECURITY] Fedora 16 Update: bcfg2-1.2.3-1.fc16
Bcfg2 helps system administrators produce a consistent, reproducible, and verifiable description of their environment, and offers visualization and reporting tools to aid in day-to-day administrative tasks. It is the fifth generation of configuration management tools developed in the Mathematics...
Debian Security Advisory DSA 2503-1 (bcfg2)
The remote host is missing an update to bcfg2 announced via advisory DSA 2503-1. OpenVAS Vulnerability Test $Id: deb25031.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2503-1 bcfg2 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
Debian: Security Advisory (DSA-2503-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 2503-1] bcfg2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2503-1 [email protected] http://www.debian.org/security/ Florian Weimer June 28, 2012 http://www.debian.org/security/faq -...
bcfg2 shell chatacters vulnerability
It's possible to execute code as a root...
CVE-2012-3366
The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process bcfg2-server...
CVE-2012-3366
The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process bcfg2-server. This is very similar to a flaw discovered last year in a large number of other plugins...
Code injection
The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process bcfg2-server...
CVE-2012-3366
The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process bcfg2-server...
CVE-2012-3366
Removed by vendor...
CVE-2012-3366
CVE-2012-3366 affects bcfg2 1.2.x prior to 1.2.3 where the Trigger plugin allows remote attackers with root access to the client to execute arbitrary commands in the UUID field sent to bcfg2-server. The root cause is a failure to sanitize shell metacharacters in the UUID value, enabling command e...
Debian DSA-2503-1 : bcfg2 - shell command injection
It was discovered that malicious clients can trick the server component of the Bcfg2 configuration management system to execute commands with root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...