Path traversal in Cobbler - CVE-2014-3225
Published: May 14, 2014 / Updated: August 11, 2020
Vulnerability identifier: #VU41683
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2014-3225
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vendor: Cobbler project
Affected software:
Cobbler
Cobbler
Detailed vulnerability description
The vulnerability allows a remote #AU# to gain access to sensitive information.
Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile.
How to mitigate CVE-2014-3225
Install update from vendor's website.
Sources
- http://packetstormsecurity.com/files/126553/Cobbler-Local-File-Inclusion.html
- http://seclists.org/oss-sec/2014/q2/273
- http://seclists.org/oss-sec/2014/q2/274
- http://www.exploit-db.com/exploits/33252
- http://www.osvdb.org/106759
- http://www.securityfocus.com/archive/1/532094/100/0/threaded
- http://www.securityfocus.com/bid/67277
- https://github.com/cobbler/cobbler/issues/939
- https://www.youtube.com/watch?v=vuBaoQUFEYQ&feature=youtu.be