CVE-2014-3225

2014-05-14 02:55:11 2018-10-09 21:43:43

Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile.

Vector

NETWORK

Complexity

LOW

Authentication

SINGLE_INSTANCE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

cobblerd Cobbler 2.4.2 cobblerd Cobbler 2.4.1 cobblerd Cobbler 2.4.0-1 cobblerd Cobbler 2.4.0 cobblerd Cobbler 2.4.3 cobblerd Cobbler 2.4.4 cobblerd Cobbler 2.6.0

Cobblerd - Cobbler

Advisory	Patch	Confirmed	Link
			https://www.youtube.com/watch?v=vuBaoQUFEYQ&feature=yout...
			67277
			https://github.com/cobbler/cobbler/issues/939
			33252
			20140513 FD - Cobbler Arbitrary File Read CVE-2014-3225
			[oss-security] 20140508 Re: CVE Request - Local File inc...
			[oss-security] 20140508 CVE Request - Local File inclusi...
			http://packetstormsecurity.com/files/126553/Cobbler-Loca...

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (ID 22)

Related CAPEC 7 Relative Path Traversal (CAPEC-ID 139) Directory Traversal (CAPEC-ID 213) File System Function Injection, Content Based (CAPEC-ID 23) Using Slashes and URL Encoding Combined to Bypass Validation Logic (CAPEC-ID 64) Manipulating Input to File System Calls (CAPEC-ID 76) Using Escaped Slashes in Alternate Encoding (CAPEC-ID 78) Using Slashes in Alternate Encoding (CAPEC-ID 79)