all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Ubuntu Security Notice USN-6475-1

Add to bookmarks
Nov. 15, 2023, 1:56 p.m. |

Packet Storm packetstormsecurity.com

Ubuntu Security Notice 6475-1 - It was discovered that Cobbler did not properly handle user input, which could result in an absolute path traversal. An attacker could possibly use this issue to read arbitrary files. It was discovered that Cobbler did not properly handle user input, which could result in command injection. An attacker could possibly use this issue to execute arbitrary code with high privileges.

absolute arbitrary files attacker command command injection files injection input issue notice path path traversal result security security notice ubuntu usn

Visit resource

More from packetstormsecurity.com / Packet Storm

CE Phoenix 1.0.8.20 Remote Code Execution 12 hours ago | packetstormsecurity.com
code code execution exploit phoenix +6
Ubuntu Security Notice USN-6527-1 12 hours ago | packetstormsecurity.com
applications arbitrary code attacker avx +15
Ubuntu Security Notice USN-6528-1 12 hours ago | packetstormsecurity.com
attacker avx bytecode carter +15
Ubuntu Security Notice USN-6526-1 12 hours ago | packetstormsecurity.com
arbitrary code attacker bad code +12
Ubuntu Security Notice USN-6519-2 12 hours ago | packetstormsecurity.com
ec2 imdsv1 imdsv2 insecure +10
Ubuntu Security Notice USN-6525-1 12 hours ago | packetstormsecurity.com
arbitrary code attacker code crash +10
Ubuntu Security Notice USN-6524-1 12 hours ago | packetstormsecurity.com
arbitrary code attacker code crash +10
Ubuntu Security Notice USN-6522-1 12 hours ago | packetstormsecurity.com
attacker crash denial of service drive +13
Ubuntu Security Notice USN-6521-1 12 hours ago | packetstormsecurity.com
arbitrary code attacker code crash +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Vice President, Cybersecurity and Runtime Operations

@ 2U | US-MD-Lanham//US-Remote
View on infosec-jobs.com

Dreadnought Product Security Lead - Submarines

@ Rolls-Royce | Derby - Jubilee House (UK-JH)
View on infosec-jobs.com

Senior Product Security Engineer

@ Narvar | Hybrid - Bengaluru
View on infosec-jobs.com

Managing Consultant - Advisors Business Development

@ Mastercard | Mumbai, India
View on infosec-jobs.com

Principal Security Engineer

@ Highspot | Vancouver, BC
View on infosec-jobs.com

Incident Response Specialist

@ Wabtec | Bengaluru - KA - IND (ITC Greens)
View on infosec-jobs.com
View more jobs