 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2018-10931 |
| Description: | It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.876792 1.3.6.1.4.1.25623.1.0.877299 1.3.6.1.4.1.25623.1.1.4.2018.2550.1 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-10931 FEDORA-2019-3cacfb34ad https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMWK5KCCZXOGOYNR2H6BWDSABTQ5NYJA/ FEDORA-2019-cd24f60a94 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5P5Q4ACIVZ5D4KSUDLGRTOKGGB4U42SD/ RHSA-2018:2372 https://access.redhat.com/errata/RHSA-2018:2372 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10931 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10931 |