2 matches found
CVE-2008-6557
CVE-2008-6557 describes a remote command execution vulnerability in The Puppet Master WebUtil 2.7, caused by shell metacharacters in the details command processed by cgi-bin/webutil.pl. Affected component: WebUtil 2.7; root cause: unsafe handling of shell metacharacters allowing arbitrary command...
CVE-2008-6555
CVE-2008-6555 affects the WebUtil component in The Puppet Master, specifically the cgi-bin/webutil.pl script. The vulnerability allows remote attackers to execute arbitrary commands via shell metacharacters in the dig command, enabling full compromise of affected systems reachable over the networ...