NuytsTech Security

CVE-2012-3366

by ·

The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process (bcfg2-server).

Date published : 2012-07-03

http://www.securityfocus.com/bid/54217

https://github.com/Bcfg2/bcfg2/commit/a524967e8d5c4c22e49cd619aed20c87a316c0be

Tags: