Oval Definition:oval:org.opensuse.security:def:20122395
Revision Date:2022-06-30Version:1
Title:CVE-2012-2395
Description:

Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) username or (2) password fields to the power_system method in the xmlrpc API.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2012-2395
Mitre CVE-2012-2395
SUSE CVE-2012-2395
openSUSE-SU-2012:0655-1
openSUSE-SU-2012:0655-1
openSUSE-SU-2021:0046-1
openSUSE-SU-2021:0058-1
SUSE-SU-2012:0814-1
SUSE-SU-2012:0814-1
Platform(s):openSUSE 12.1
openSUSE 12.1 Update
openSUSE Leap 15.2
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 11 SP1-CLIENT-TOOLS
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
SUSE Package Hub for SUSE Linux Enterprise 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS is installed
  • AND koan-2.0.10-0.38.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • cobbler-3.1.2-lp152.6.3.1 is installed
  • AND cobbler is signed with openSUSE key
  • OR
  • cobbler-tests-3.1.2-lp152.6.3.1 is installed
  • AND cobbler-tests is signed with openSUSE key
  • OR
  • cobbler-web-3.1.2-lp152.6.3.1 is installed
  • AND cobbler-web is signed with openSUSE key
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-CLIENT-TOOLS is installed
  • AND koan-2.0.10-0.38 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • cobbler-2.6.6-4.2 is installed
  • OR cobbler-tests-2.6.6-4.2 is installed
  • OR cobbler-web-2.6.6-4.2 is installed
  • OR koan-2.6.6-4.2 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed
  • AND Package Information
  • cobbler-3.1.2-bp152.4.3.1 is installed
  • OR cobbler-tests-3.1.2-bp152.4.3.1 is installed
  • OR cobbler-web-3.1.2-bp152.4.3.1 is installed
    • BACK