5 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-0007
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path...
RHEL 6 : foreman-proxy (RHSA-2014:0770)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0770 advisory. The foreman-proxy package provides a RESTful API to manage DNS, DHCP, TFTP, and Puppet settings, and can be used as part of Foreman. A shell command...
Foreman Smart-Proxy TFTP Remote Command Injection
The remote web server is running a version of Foreman Smart-Proxy TFTP that is affected by a remote command injection vulnerability. An attacker can send a specially crafted URL that results in the execution of arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2014-0007
CVE-2014-0007 affects Foreman’s Smart-Proxy TFTP module. The Smart-Proxy before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file. Impact per sources indicates remote command execution; attesta...
CVE-2014-0007
creationtimestamp| type| source ---|---|--- 2014-06-05 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39222...