cobbler-3.2.1.336+git.5639a3af-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10690-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z cobbler-3.2.1.336+git.5639a3af-1.1 on GA media These are all security issues fixed in the cobbler-3.2.1.336+git.5639a3af-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10690 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2011-4953/ SUSE CVE CVE-2011-4953 page https://www.suse.com/security/cve/CVE-2016-9605/ SUSE CVE CVE-2016-9605 page https://www.suse.com/security/cve/CVE-2017-1000469/ SUSE CVE CVE-2017-1000469 page https://www.suse.com/security/cve/CVE-2018-1000225/ SUSE CVE CVE-2018-1000225 page https://www.suse.com/security/cve/CVE-2018-1000226/ SUSE CVE CVE-2018-1000226 page https://www.suse.com/security/cve/CVE-2018-10931/ SUSE CVE CVE-2018-10931 page openSUSE Tumbleweed cobbler-3.2.1.336+git.5639a3af-1.1 cobbler-tests-3.2.1.336+git.5639a3af-1.1 cobbler-3.2.1.336+git.5639a3af-1.1 as a component of openSUSE Tumbleweed cobbler-tests-3.2.1.336+git.5639a3af-1.1 as a component of openSUSE Tumbleweed The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet. CVE-2011-4953 openSUSE Tumbleweed:cobbler-3.2.1.336+git.5639a3af-1.1 openSUSE Tumbleweed:cobbler-tests-3.2.1.336+git.5639a3af-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-4953.html CVE-2011-4953 https://bugzilla.suse.com/757062 SUSE Bug 757062 A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation. CVE-2016-9605 openSUSE Tumbleweed:cobbler-3.2.1.336+git.5639a3af-1.1 openSUSE Tumbleweed:cobbler-tests-3.2.1.336+git.5639a3af-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-9605.html CVE-2016-9605 https://bugzilla.suse.com/1030582 SUSE Bug 1030582 Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user. CVE-2017-1000469 openSUSE Tumbleweed:cobbler-3.2.1.336+git.5639a3af-1.1 openSUSE Tumbleweed:cobbler-tests-3.2.1.336+git.5639a3af-1.1 moderate 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-1000469.html CVE-2017-1000469 https://bugzilla.suse.com/1074594 SUSE Bug 1074594 Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Cross Site Scripting (XSS) vulnerability in cobbler-web that can result in Privilege escalation to admin.. This attack appear to be exploitable via "network connectivity". Sending unauthenticated JavaScript payload to the Cobbler XMLRPC API (/cobbler_api). CVE-2018-1000225 openSUSE Tumbleweed:cobbler-3.2.1.336+git.5639a3af-1.1 openSUSE Tumbleweed:cobbler-tests-3.2.1.336+git.5639a3af-1.1 critical 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-1000225.html CVE-2018-1000225 https://bugzilla.suse.com/1104190 SUSE Bug 1104190 https://bugzilla.suse.com/1104287 SUSE Bug 1104287 https://bugzilla.suse.com/1105442 SUSE Bug 1105442 Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API (/cobbler_api) that can result in Privilege escalation, data manipulation or exfiltration, LDAP credential harvesting. This attack appear to be exploitable via "network connectivity". Taking advantage of improper validation of security tokens in API endpoints. Please note this is a different issue than CVE-2018-10931. CVE-2018-1000226 openSUSE Tumbleweed:cobbler-3.2.1.336+git.5639a3af-1.1 openSUSE Tumbleweed:cobbler-tests-3.2.1.336+git.5639a3af-1.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-1000226.html CVE-2018-1000226 https://bugzilla.suse.com/1104190 SUSE Bug 1104190 https://bugzilla.suse.com/1104287 SUSE Bug 1104287 https://bugzilla.suse.com/1105440 SUSE Bug 1105440 https://bugzilla.suse.com/1105442 SUSE Bug 1105442 https://bugzilla.suse.com/1131852 SUSE Bug 1131852 It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon. CVE-2018-10931 openSUSE Tumbleweed:cobbler-3.2.1.336+git.5639a3af-1.1 openSUSE Tumbleweed:cobbler-tests-3.2.1.336+git.5639a3af-1.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-10931.html CVE-2018-10931 https://bugzilla.suse.com/1104189 SUSE Bug 1104189 https://bugzilla.suse.com/1104190 SUSE Bug 1104190 https://bugzilla.suse.com/1104287 SUSE Bug 1104287 https://bugzilla.suse.com/1105440 SUSE Bug 1105440 https://bugzilla.suse.com/1105442 SUSE Bug 1105442 https://bugzilla.suse.com/1130105 SUSE Bug 1130105