Showing 1 - 1 of 1

CVE-2013-4386

Status Candidate

Overview

Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter.

Related Files

Red Hat Security Advisory 2013-1522-01: Posted Nov 14, 2013; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2013-1522-01 - The Foreman packages provide facilities for rapidly deploying Red Hat OpenStack 3.0. These packages are provided as a Technology Preview. For more information on the scope and nature of support for items marked as Technology Preview, refer to https://access.redhat.com/support/offerings/techpreview/ It was found that Foreman did not correctly sanitize values of the "fqdn" and "hostgroup" parameters, allowing an attacker to provide a specially crafted value for these parameters and perform an SQL injection attack.; tags | advisory, web, sql injection; systems | linux, redhat; advisories | CVE-2013-4386; SHA-256 | 882fbca6772b0916e0958e824ed243b5219a9837225a71e9a0e65782c286fb07; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 55 files
LiquidWorm 20 files
Debian 18 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2013-4386

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems