The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Foreman | Theforeman | * | 1.4.4 (including) |
Foreman | Theforeman | 1.4.0 (including) | 1.4.0 (including) |
Foreman | Theforeman | 1.4.1 (including) | 1.4.1 (including) |
Foreman | Theforeman | 1.4.2 (including) | 1.4.2 (including) |
Foreman | Theforeman | 1.4.3 (including) | 1.4.3 (including) |
Foreman | Theforeman | 1.5.0 (including) | 1.5.0 (including) |
OpenStack 3 for RHEL 6 | RedHat | ruby193-foreman-proxy-0:1.1.10001-7.el6ost | * |
OpenStack 4 for RHEL 6 | RedHat | foreman-proxy-0:1.3.0-5.el6sat | * |
Red Hat Satellite 6.0 | RedHat | foreman-proxy-0:1.6.0.30-1.el7sat | * |