CVE-2016-9605
published 2018-08-22CVE-2016-9605: A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file…
PriorityP427medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
EPSS
0.80%
51.9th percentile
A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cobbler_project | cobbler | — | — |
| cobbler_project | cobbler | 0 – 2.6.11-1 | — |
| the_cobbler_project | cobbler | — | — |
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat6.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Cobbler Arbitrary File Read
osv·2022-05-13
CVE-2016-9605 [MEDIUM] Cobbler Arbitrary File Read
Cobbler Arbitrary File Read
A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation.
GHSA
Cobbler Arbitrary File Read
ghsa·2022-05-13
CVE-2016-9605 [MEDIUM] CWE-79 Cobbler Arbitrary File Read
Cobbler Arbitrary File Read
A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation.
Red Hat
cobbler: Cross site scripting in profile page
vendor_redhat·CVSS 6.1
CVE-2016-9605 [MEDIUM] CWE-79 cobbler: Cross site scripting in profile page
cobbler: Cross site scripting in profile page
A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation.
Statement: Red Hat Satellite 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security
impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/satellite
Package: cobbler (Red Hat Satellite 5) - Not affected
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2016-9605 cobbler: Cross site scripting in profile page
bugzilla·2017-03-20·CVSS 6.1
CVE-2016-9605 [MEDIUM] CVE-2016-9605 cobbler: Cross site scripting in profile page
CVE-2016-9605 cobbler: Cross site scripting in profile page
Cobbler software component, suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. Navigate to the following URL, on a default installation of cobbler and cobbler-web (version 2.6.11-1):
http://localhost/cblr/svc/profile//op/script?scriptx=script/script/script/script/script/script/script/script/&script=../../../../../etc/passwd
Product bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1399333
Discussion:
Statement:
Red Hat Satellite 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security
impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Lin
Bugzilla
Cobbler upstream suffers from an invalid parameter allows file reading
bugzilla·2016-11-28·CVSS 6.1
[MEDIUM] Cobbler upstream suffers from an invalid parameter allows file reading
Cobbler upstream suffers from an invalid parameter allows file reading
Description of problem:
Cobbler software component, suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. Navigate to the following URL, on a default installation of cobbler and cobbler-web (version 2.6.11-1):
http://localhost/cblr/svc/profile//op/script?scriptx=script/script/script/script/script/script/script/script/&script=../../../../../etc/passwd
We assume that the exploit does not work because we are not affected. We assume that this is due to a way older version of cobbler being used in Satellite (cobbler-2.0.7-66.el6sat.noarch) vs. Github (2.8.0). We assume that the exploit targets the "scripts" endpoint. In cobbler/services.py we do find a handler for this endpoint i
2018-08-22
Published