| Name | CVE-2012-3366 |
| Description | The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process (bcfg2-server). |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DSA-2503-1 |
| Debian Bugs | 679272 |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| bcfg2 | source | squeeze | 1.0.1-3+squeeze2 | DSA-2503-1 | ||
| bcfg2 | source | (unstable) | 1.2.2-2 | 679272 |