Vulnerabilities > Michael Dehaan
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-12-09 | CVE-2010-4512 | Permissions, Privileges, and Access Controls vulnerability in Michael Dehaan Cobbler Cobbler before 2.0.4 uses an incorrect umask value, which allows local users to have an unspecified impact by leveraging world writable permissions for files and directories. | 7.2 |
2010-12-09 | CVE-2009-5021 | Credentials Management vulnerability in Michael Dehaan Cobbler Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to obtain access by using this password. | 7.5 |
2009-08-12 | CVE-2008-6954 | Permissions, Privileges, and Access Controls vulnerability in Michael Dehaan Cobbler The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobblerd by editing a Cheetah kickstart template to import arbitrary Python modules. | 9.0 |