Описание
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-0007
- https://access.redhat.com/errata/RHEA-2014:1175
- https://access.redhat.com/errata/RHSA-2014:0770
- https://access.redhat.com/security/cve/CVE-2014-0007
- https://bugzilla.redhat.com/show_bug.cgi?id=1105369
- http://projects.theforeman.org/issues/6086
- http://rhn.redhat.com/errata/RHSA-2014-0770.html
EPSS
CVE ID
Связанные уязвимости
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows ...
EPSS