Launchpad CVE tracker

CVE 2011-3211

The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitrary commands via shell metacharacters in data received from a client.

Related bugs and status

CVE-2011-3211 (Candidate) is related to these bugs:

Bug #844743: Unescaped shell command vulnerabilities

		In	Importance	Status
844743	Unescaped shell command vulnerabilities	bcfg2 (Ubuntu)	High	Fix Released
844743	Unescaped shell command vulnerabilities	bcfg2 (Ubuntu Hardy)	High	Fix Released
844743	Unescaped shell command vulnerabilities	bcfg2 (Ubuntu Lucid)	High	Fix Released
844743	Unescaped shell command vulnerabilities	bcfg2 (Ubuntu Oneiric)	High	Fix Released
844743	Unescaped shell command vulnerabilities	bcfg2 (Ubuntu Natty)	High	Fix Released
844743	Unescaped shell command vulnerabilities	bcfg2 (Ubuntu Maverick)	High	Fix Released
844743	Unescaped shell command vulnerabilities	bcfg2 (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.debian.org/...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://article.gmane.o...
MISC: http://openwall.com/li...
MISC: http://openwall.com/li...
MISC: http://bugs.debian.org...
MISC: https://bugzilla.redha...
MISC: https://github.com/sol...
MISC: https://github.com/sol...

Launchpad.net

CVE 2011-3211

Related bugs and status

Related bugs

References