EUVD-2012-3340

Malware in sbrugna...

EUVD-2011-3175

Malware in sbrugna...

Fedora Update for bcfg2 FEDORA-2012-10402

Check for the Version of bcfg2 OpenVAS Vulnerability Test Fedora Update for bcfg2 FEDORA-2012-10402 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Fedora 17 : bcfg2-1.2.3-1.fc17 (2012-10391)

Sat Jul 07 2012 Fabian Affolter - 1.2.3-1 - Fix CVE-2012-3366 - Updated to new upstream version 1.2.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

Fedora Update for bcfg2 FEDORA-2012-10391

Check for the Version of bcfg2 OpenVAS Vulnerability Test Fedora Update for bcfg2 FEDORA-2012-10391 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Fedora Update for bcfg2 FEDORA-2012-10402

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for bcfg2 FEDORA-2012-10391

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 16 : bcfg2-1.2.3-1.fc16 (2012-10402)

Sat Jul 07 2012 Fabian Affolter - 1.2.3-1 - Fix CVE-2012-3366 - Updated to new upstream version 1.2.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

[SECURITY] Fedora 16 Update: bcfg2-1.2.3-1.fc16

Bcfg2 helps system administrators produce a consistent, reproducible, and verifiable description of their environment, and offers visualization and reporting tools to aid in day-to-day administrative tasks. It is the fifth generation of configuration management tools developed in the Mathematics...

Debian Security Advisory DSA 2503-1 (bcfg2)

The remote host is missing an update to bcfg2 announced via advisory DSA 2503-1. OpenVAS Vulnerability Test $Id: deb25031.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2503-1 bcfg2 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian: Security Advisory (DSA-2503-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 2503-1] bcfg2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2503-1 [email protected] http://www.debian.org/security/ Florian Weimer June 28, 2012 http://www.debian.org/security/faq -...

bcfg2 shell chatacters vulnerability

It's possible to execute code as a root...

CVE-2012-3366

The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process bcfg2-server...

CVE-2012-3366

The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process bcfg2-server. This is very similar to a flaw discovered last year in a large number of other plugins...

Code injection

The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process bcfg2-server...

CVE-2012-3366

Removed by vendor...

CVE-2012-3366

The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process bcfg2-server...

CVE-2012-3366

CVE-2012-3366 affects bcfg2 1.2.x prior to 1.2.3 where the Trigger plugin allows remote attackers with root access to the client to execute arbitrary commands in the UUID field sent to bcfg2-server. The root cause is a failure to sanitize shell metacharacters in the UUID value, enabling command e...

Debian DSA-2503-1 : bcfg2 - shell command injection

It was discovered that malicious clients can trick the server component of the Bcfg2 configuration management system to execute commands with root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...