Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 9.3
CVE Id: CVE-2011-3211
Last Modified: 22 Sep 2011 11:34:34
Published: 16 Sep 2011 08:35:13
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE

CVE-2011-3211

Summary

The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitrary commands via shell metacharacters in data received from a client.

Vulnerable Systems

Application

  • Bcfg2 0.3.1

  • Bcfg2 0.4

  • Bcfg2 0.5

  • Bcfg2 0.6

  • Bcfg2 0.6.1

  • Bcfg2 0.6.10

  • Bcfg2 0.6.3

  • Bcfg2 0.6.4

  • Bcfg2 0.6.5

  • Bcfg2 0.6.6

  • Bcfg2 0.6.7

  • Bcfg2 0.6.8

  • Bcfg2 0.6.9

  • Bcfg2 0.7.0

  • Bcfg2 0.7.1

  • Bcfg2 0.7.2

  • Bcfg2 0.7.3

  • Bcfg2 0.7.4

  • Bcfg2 0.8.0

  • Bcfg2 0.8.1

  • Bcfg2 0.8.2

  • Bcfg2 0.8.3

  • Bcfg2 0.8.4

  • Bcfg2 0.8.5

  • Bcfg2 0.8.6.1

  • Bcfg2 0.8.7

  • Bcfg2 0.8.7.1

  • Bcfg2 0.8.7.2

  • Bcfg2 0.9.0

  • Bcfg2 0.9.1d

  • Bcfg2 0.9.2

  • Bcfg2 0.9.3

  • Bcfg2 0.9.4

  • Bcfg2 0.9.5

  • Bcfg2 0.9.5.1

  • Bcfg2 0.9.5.2

  • Bcfg2 0.9.5.3

  • Bcfg2 0.9.5.5

  • Bcfg2 0.9.5.7

  • Bcfg2 0.9.6

  • Bcfg2 1.0

  • Bcfg2 1.0.0

  • Bcfg2 1.0.1

  • Bcfg2 1.1.0

  • Bcfg2 1.1.1

  • Bcfg2 1.1.2

  • Bcfg2 1.2


References

CONFIRM - https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7

CONFIRM - https://github.com/solj/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=736279

MLIST - [oss-security] 20110906 Re: CVE request for bcfg2 (remote root)

MLIST - [oss-security] 20110901 CVE request for bcfg2 (remote root)

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640028

MLIST - [bcfg-dev] 20110816 Security flaw in 1.1.x; testers wanted

BID - 49414

DEBIAN - DSA-2302

SECUNIA - 46042

SECUNIA - 45926

SECUNIA - 45807

FEDORA - FEDORA-2011-12298

FEDORA - FEDORA-2011-12303


Last Updated: 27 May 2016 10:57:14