Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 23 May 2012 18:39:10 +1000
From: David Black <disclosure@....org>
To: oss-security <oss-security@...ts.openwall.com>
Subject: CVE request: cobbler command injection

It was reported that it was possible to perform command injection
through the cobbler xmlrpc api[0][1]. This issue was fixed in the git
commit found at [2].
Can a CVE be assigned to this issue?


[0] https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/978999
[1] https://github.com/cobbler/cobbler/issues/141
[2] https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.