CVE-2012-2395: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
(updated )
CVE-2012-2395 cobbler: command injection flaw in the power management XML-RPC API
References
- lists.opensuse.org/opensuse-security-announce/2012-05/msg00016.html
- lists.opensuse.org/opensuse-security-announce/2012-07/msg00000.html
- www.openwall.com/lists/oss-security/2012/05/23/18
- bugs.launchpad.net/ubuntu/+source/cobbler/+bug/978999
- github.com/advisories/GHSA-g34c-mg6m-xvxj
- github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf
- github.com/cobbler/cobbler/issues/141
- nvd.nist.gov/vuln/detail/CVE-2012-2395
- web.archive.org/web/20120712025653/http://www.securityfocus.com/bid/53666
Code Behaviors & Features
Detect and mitigate CVE-2012-2395 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →