Download
| Alert*
|
oval:org.secpod.oval:def:600843
It was discovered that malicious clients can trick the server component of the Bcfg2 configuration management system to execute commands with root privileges. oval:org.secpod.oval:def:600620 It has been discovered that the bcfg2 server, a configuration management server for bcfg2 clients, is not properly sanitizing input from bcfg2 clients before passing it to various shell commands. This enables an attacker in control of a bcfg2 client to execute arbitrary commands on the server with r ... oval:org.secpod.oval:def:601440 bcfg2 is installed |
