Candidate: CVE-2011-4953
PublicDate: 2014-10-27 01:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4953
Description:
 The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows
 context-dependent attackers to execute arbitrary code via vectors related
 to the use of the yaml.load function instead of the yaml.safe_load
 function, as demonstrated using Puppet.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.launchpad.net/ubuntu/oneiric/+source/cobbler/+bug/858883
 https://bugzilla.redhat.com/show_bug.cgi?id=811920
Priority: high
Discovered-by:
Assigned-to: 
CVSS: 

Patches_cobbler:
upstream_cobbler: needs-triage
hardy_cobbler: DNE
lucid_cobbler: DNE
natty_cobbler: ignored (reached end-of-life)
oneiric_cobbler: ignored (reached end-of-life)
precise_cobbler: released (2.2.2-0ubuntu1)
quantal_cobbler: released (2.2.2-0ubuntu1)
raring_cobbler: released (2.2.2-0ubuntu1)
devel_cobbler: released (2.2.2-0ubuntu1)