Description
The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process (bcfg2-server).
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DSA |
DSA-2503-1 | bcfg2 security update |
EUVD |
EUVD-2012-3340 | The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process (bcfg2-server). |
References
History
No history.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T20:05:12.537Z
Reserved: 2012-06-14T00:00:00.000Z
Link: CVE-2012-3366
No data.
Status : Modified
Published: 2012-07-03T16:40:35.007
Modified: 2026-06-16T23:43:05.100
Link: CVE-2012-3366
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Debian DSA
EUVD