11 matches found
Fedora Update for bcfg2 FEDORA-2011-13214
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for bcfg2 FEDORA-2011-13181
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 15 : bcfg2-1.1.3-1.fc15 (2011-13214)
Thu Sep 22 2011 Fabian Affolter - 1.1.3-1 - Removed patch to fix CVE-2011-3211 was fixed upstream - Updated to new upstream version 1.1.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora 14 : bcfg2-1.1.3-1.fc14 (2011-13181)
Thu Sep 22 2011 Fabian Affolter - 1.1.3-1 - Removed patch to fix CVE-2011-3211 was fixed upstream - Updated to new upstream version 1.1.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora Update for bcfg2 FEDORA-2011-12298
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 15 : bcfg2-1.1.2-2.fc15 (2011-12298)
Wed Sep 07 2011 Fabian Affolter - 1.1.2-2 - Added patch to fix CVE-2011-3211 - Thu Jun 02 2011 Fabian Affolter - 1.1.2-1 - Updated to new upstream version 1.1.2 - Fixed 683239 - Mon Sep 27 2010 Jeffrey C. Ollie - 1.1.0-2 - Update to final version Note that Tenable Network Security has extracted...
Fedora 14 : bcfg2-1.1.2-2.fc14 (2011-12303)
Wed Sep 07 2011 Fabian Affolter - 1.1.2-2 - Added patch to fix CVE-2011-3211 - Thu Jun 02 2011 Fabian Affolter - 1.1.2-1 - Updated to new upstream version 1.1.2 - Fixed 683239 - Mon Sep 27 2010 Jeffrey C. Ollie - 1.1.0-2 - Update to final version Note that Tenable Network Security has extracted...
CVE-2011-3211
CVE-2011-3211 affects the Bcfg2 server: versions 1.1.2 and earlier, and 1.2 prerelease, are vulnerable to remote command execution via shell metacharacters in data from a client. The root cause is improper handling of client-supplied data on the server side, allowing arbitrary commands to be exec...
[SECURITY] [DSA 2302-1] bcfg2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2302-1 [email protected] http://www.debian.org/security/ Nico Golde Sep 7, 2011 http://www.debian.org/security/faq -...
Debian DSA-2302-1 : bcfg2 - missing input sanitization
It has been discovered that the Bcfg2 server, a configuration management server for Bcfg2 clients, is not properly sanitizing input from Bcfg2 clients before passing it to various shell commands. This enables an attacker in control of a Bcfg2 client to execute arbitrary commands on the server wit...
[SECURITY] [DSA 2302-1] bcfg2 security update
-------------------------------------------------------------------------- Debian Security Advisory DSA-2302-1 [email protected] http://www.debian.org/security/ Nico Golde Sep 7, 2011 http://www.debian.org/security/faq - --------------------------------------------------------------------------...