RHEL 5 / 6 : cobbler (RHSA-2012:1060)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing a security update.

Description :

An updated cobbler package that fixes one security issue is now
available for Red Hat Network Satellite 5.4.

The Red Hat Security Response Team has rated this update as having
moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.

Cobbler is a network install server. Cobbler supports PXE, virtualized
installs, and re-installing existing Linux machines.

A command injection flaw was found in Cobbler's power management
XML-RPC method. A remote, authenticated user who is permitted to
perform Cobbler configuration changes via the Cobbler XML-RPC API,
could use this flaw to execute arbitrary code with root privileges on
the Red Hat Network Satellite server. (CVE-2012-2395)

Note: Red Hat Network Satellite uses a special user account to
configure Cobbler. By default, only this account is permitted to
perform Cobbler configuration changes, and the credentials for the
account are only accessible to the Satellite host's administrator. As
such, this issue only affected environments where the administrator
allowed other users to make Cobbler configuration changes.

Users of Red Hat Network Satellite 5.4 are advised to upgrade to this
updated cobbler package, which contains a backported patch to correct
this issue. Red Hat Network Satellite must be restarted
('/usr/sbin/rhn-satellite restart') for this update to take effect.

See also :

https://www.redhat.com/security/data/cve/CVE-2012-2395.html
http://rhn.redhat.com/errata/RHSA-2012-1060.html

Solution :

Update the affected cobbler package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Red Hat Local Security Checks

Nessus Plugin ID: 64047 ()

Bugtraq ID: 53666

CVE ID: CVE-2012-2395