CVE-2012-3366
N/A
N/A
Summary
The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process (bcfg2-server).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/Bcfg2/bcfg2/commit/a524967e8d5c4c22e49cd619aed20c87a316c0be
- http://www.debian.org/security/2012/dsa-2503
- http://secunia.com/advisories/49690
- http://permalink.gmane.org/gmane.comp.sysutils.bcfg2.devel/4539
- http://www.securityfocus.com/bid/54217
- http://secunia.com/advisories/49629
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76616
References
- https://github.com/Bcfg2/bcfg2/commit/a524967e8d5c4c22e49cd619aed20c87a316c0be
- http://www.debian.org/security/2012/dsa-2503
- http://secunia.com/advisories/49690
- http://permalink.gmane.org/gmane.comp.sysutils.bcfg2.devel/4539
- http://www.securityfocus.com/bid/54217
- http://secunia.com/advisories/49629
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76616
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.