This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote service is affected by a command injection vulnerability.
According to its self-reported version, the Cobbler install on the
remote host is affected by a command injection vulnerability that can
be exploited by sending a specially crafted username or password
argument to the 'power_system' method.
Successful exploitation requires an authenticated user and xmlrpc API
See also :
Upgrade to the latest developmental version of Cobbler or apply the
Risk factor :
Medium / CVSS Base Score : 6.5
CVSS Temporal Score : 4.8
Public Exploit Available : false