ubuntucve | Ubuntu.com | UB:CVE-2012-2395
History: Jun 16, 2012 - 12:00 a.m.

CVE-2012-2395


CVSS2: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.021 Low
Percentile: 89.2%

Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0
allows remote attackers to execute arbitrary commands via shell
metacharacters in the (1) username or (2) password fields to the
power_system method in the xmlrpc API.

Bugs

Notes

Author: jdstrand

Note:
maas-provision in 12.04 is a code copy of cobbler, but with reduced features and usage. Only the portions of maas-provision specifically used by maas will receive official support.

maas in 12.10 as of 0.1+bzr971+dfsg-0ubuntu1 no longer depends on maas-provision and maas-provision has moved to universe. 12.04 should also receive this update for maas, so deferring for now.

maas-provision removed from 12.10 before release.

power functionality is blocked by the AppArmor profile in maas-provision on 12.04 LTS, so this vulnerability is mitigated. This was tested by modifying /usr/share/pyshared/cobbler/utils.py to remove the check for invalid characters, then getting a system name with 'sudo cobbler list' then doing something like:

    $ sudo cobbler system edit --name node-457f02f2-3fe6-11e2-a048-525400209fb8 \
        --power-type ether_wake \
        --power-user Admin --power-pass PASSWORD \
        --power-address 'AA:BB:CC:DD:EE:FF" ; /usr/bin/touch /gotcha ; "'
    $ sudo cobbler system poweron --name=node-457f02f2-3fe6-11e2-a048-525400209fb8
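
The description and the note above both concern power fields that end up in a shell command line. As an added example (not Cobbler's or Ubuntu's code), the Python below contrasts rendering the fields into one shell string with validating them and building an argument vector that no shell parses. The `power-tool` command, its options and the allowlist formats are assumptions made for the illustration.

```python
import re
import shlex

# Hypothetical command template, rendered into a single shell string.
SHELL_TEMPLATE = 'power-tool --address "{address}" --user "{user}" --password "{password}"'

# Allowlists for fields with a known shape (assumed formats).
ALLOWED = {
    "address": re.compile(
        r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}|[A-Za-z0-9][A-Za-z0-9.-]{0,252}"),
    "user": re.compile(r"[A-Za-z0-9][A-Za-z0-9._@-]{0,63}"),
}


def words_seen_by_shell(fields):
    """Render the template and split it with POSIX quoting rules.

    Nothing is executed; the result shows which words the rendered line
    contains once the template's own quotes have been interpreted.
    """
    return shlex.split(SHELL_TEMPLATE.format(**fields))


def build_argv(fields):
    """Return an argument vector for subprocess.run(argv), shell=False.

    Shaped fields must match their allowlist in full. A password has no
    fixed shape, so it is only checked for control characters and then
    passed as one list element that no shell ever parses.
    """
    for name, pattern in ALLOWED.items():
        if not pattern.fullmatch(fields[name]):
            raise ValueError(f"{name}: rejected by allowlist")
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in fields["password"]):
        raise ValueError("password: control character")
    return ["power-tool", "--address", fields["address"],
            "--user", fields["user"], "--password", fields["password"]]


# Field value taken from the tester's note on this page.
NOTE_VALUE = 'AA:BB:CC:DD:EE:FF" ; /usr/bin/touch /gotcha ; "'
BENIGN = {"address": "AA:BB:CC:DD:EE:FF", "user": "Admin", "password": "PASSWORD"}

if __name__ == "__main__":
    print(words_seen_by_shell(BENIGN))
    print(words_seen_by_shell({**BENIGN, "password": NOTE_VALUE}))
    print(build_argv({**BENIGN, "password": NOTE_VALUE}))
```

With the note's value in the password field, the rendered string splits into extra words, while the argument vector keeps seven elements with the value intact as the last one.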
