#VU33117 OS Command Injection - CVE-2012-3366

Cybersecurity Help s.r.o.

Published: 2012-07-03 | Updated: 2020-08-03

Vulnerability identifier: #VU33117

Vulnerability risk: Medium

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2012-3366

CWE-ID: CWE-78

Exploitation vector: Network

Exploit availability: No

Description

The vulnerability allows a remote #AU# to execute arbitrary code.

The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process (bcfg2-server).

Mitigation
Install update from vendor's website.

External links
https://permalink.gmane.org/gmane.comp.sysutils.bcfg2.devel/4539
https://secunia.com/advisories/49629
https://secunia.com/advisories/49690
https://www.debian.org/security/2012/dsa-2503
https://www.securityfocus.com/bid/54217
https://exchange.xforce.ibmcloud.com/vulnerabilities/76616
https://github.com/Bcfg2/bcfg2/commit/a524967e8d5c4c22e49cd619aed20c87a316c0be

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Fedora EPEL 6 update for bcfg2

OS Command Injection in bcfg2 (Alpine package)

Fedora EPEL 6 update for bcfg2