oss-sec mailing list archives
CVE request: cobbler command injection
From: David Black <disclosure () d1b org>
Date: Wed, 23 May 2012 18:39:10 +1000
It was reported that it was possible to perform command injection through the cobbler xmlrpc api[0][1]. This issue was fixed in the git commit found at [2]. Can a CVE be assigned to this issue? [0] https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/978999 [1] https://github.com/cobbler/cobbler/issues/141 [2] https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf
Current thread:
- CVE request: cobbler command injection David Black (May 23)
- Re: CVE request: cobbler command injection Kurt Seifried (May 23)