A flaw was found in cobbler. The flaw lies in cobblerd's anamon support, specifically the upload_log_data XMLRPC function. An anamon_enabled setting, if enabled, accepts unsanitized user-supplied parameters. This flaw allows an attacker to write arbitrary files to the system. The highest threat from this vulnerability is to confidentiality, integrity, and availability.
A flaw was found in cobbler. The flaw lies in cobblerd's anamon support, specifically the upload_log_data XMLRPC function. An anamon_enabled setting, if enabled, accepts unsanitized user-supplied parameters. This flaw allows an attacker to write arbitrary files to the system. The highest threat from this vulnerability is to confidentiality, integrity, and availability.