Lucene search
Ubuntu.comUB:CVE-2014-3225HistoryMay 14, 2014 - 12:00 a.m.
CVE-2014-3225
2014-05-1400:00:00
ubuntu.com
ubuntu.com
13
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.03
Percentile
90.9%
Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x
through 2.6.x allows remote authenticated users to read arbitrary files via
the Kickstart field in a profile.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545583>
- <https://bugzilla.redhat.com/show_bug.cgi?id=1095844>
Notes
| Author | Note |
|---|---|
| jdstrand | maas-provision in 12.04 is a code copy of cobbler, but with reduced features and usage. Only the portions of maas-provision specifically used by maas will recieve official support maas-provision does not ship web_ui and is therefore not affected |
Related
openvas
openvas
Fedora Update for cobbler FEDORA-2014-8545
2014-07-28 00:00:00
Fedora Update for cobbler FEDORA-2014-8561
2014-07-28 00:00:00
Ubuntu: Security Advisory (USN-6475-1)
2023-11-14 00:00:00
securityvulns
securityvulns
FD - Cobbler Arbitrary File Read CVE-2014-3225
2014-05-15 00:00:00
osv
osv
Cobbler Path Traversal vulnerability
2022-05-14 02:52:42
cobbler-2.6.6-4.2 on GA media
2024-06-15 00:00:00
cobbler vulnerabilities
2023-11-13 15:04:17
github
github
Cobbler Path Traversal vulnerability
2022-05-14 02:52:42
prion
prion
Path traversal
2014-05-14 00:55:00
packetstorm
packetstorm
Cobbler 2.6.0 Arbitrary File Read
2014-05-13 00:00:00
nvd
nvd
CVE-2014-3225
2014-05-14 00:55:11
cvelist
cvelist
CVE-2014-3225
2014-05-14 00:00:00
nessus
nessus
Fedora 20 : cobbler-2.6.3-1.fc20 (2014-8561)
2014-07-28 00:00:00
Fedora 19 : cobbler-2.6.3-1.fc19 (2014-8545)
2014-07-28 00:00:00
Ubuntu 16.04 ESM : Cobbler vulnerabilities (USN-6475-1)
2023-11-13 00:00:00
gitlab
gitlab
Local File inclusion
2014-05-13 00:00:00
cve
cve
CVE-2014-3225
2014-05-14 00:55:11
fedora
fedora
[SECURITY] Fedora 20 Update: cobbler-2.6.3-1.fc20
2014-07-28 03:25:38
[SECURITY] Fedora 19 Update: cobbler-2.6.3-1.fc19
2014-07-28 03:24:56
exploitdb
exploitdb
Cobbler 2.4.x < 2.6.x - Local File Inclusion
2014-05-08 00:00:00
ubuntu
ubuntu
Cobbler vulnerabilities
2023-11-13 00:00:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.03
Percentile
90.9%
Related for UB:CVE-2014-3225