Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2008-6954

The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobblerd by editing a Cheetah kickstart template to import arbitrary Python modules.

  • Published: Aug 12, 2009
  • Updated: Nov 9, 2025
  • CVE: CVE-2008-6954
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9
  • AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

Software From Fixed in
michael_dehaan / cobbler 1.0.2 1.0.2.x
michael_dehaan / cobbler 1.2.0 1.2.0.x
michael_dehaan / cobbler 0.2.3 0.2.3.x
michael_dehaan / cobbler 1.2.2 1.2.2.x
michael_dehaan / cobbler 0.2.7 0.2.7.x
michael_dehaan / cobbler 0.3.5 0.3.5.x
michael_dehaan / cobbler 0.3.0 0.3.0.x
michael_dehaan / cobbler 1.2.6 1.2.6.x
michael_dehaan / cobbler 0.4.0 0.4.0.x
michael_dehaan / cobbler 1.2.3 1.2.3.x
michael_dehaan / cobbler 0.4.3 0.4.3.x
michael_dehaan / cobbler 0.8.1 0.8.1.x
michael_dehaan / cobbler 0.2.5 0.2.5.x
michael_dehaan / cobbler 0.8.3 0.8.3.x
michael_dehaan / cobbler 1.0.2-1 1.0.2-1.x
michael_dehaan / cobbler 0.3.7 0.3.7.x
michael_dehaan / cobbler - 1.2.8.x
michael_dehaan / cobbler 0.6.4 0.6.4.x
michael_dehaan / cobbler 0.4.6 0.4.6.x
michael_dehaan / cobbler 0.2.1 0.2.1.x
michael_dehaan / cobbler 0.4.7 0.4.7.x
michael_dehaan / cobbler 0.6.5 0.6.5.x
michael_dehaan / cobbler 0.6.1 0.6.1.x
michael_dehaan / cobbler 1.2.5 1.2.5.x
michael_dehaan / cobbler 0.1.1.7 0.1.1.7.x
michael_dehaan / cobbler 0.3.9 0.3.9.x
michael_dehaan / cobbler 0.4.2 0.4.2.x
michael_dehaan / cobbler 1.0.3-1 1.0.3-1.x
michael_dehaan / cobbler 1.0.0 1.0.0.x
michael_dehaan / cobbler 0.5.0 0.5.0.x
michael_dehaan / cobbler 0.6.0 0.6.0.x
michael_dehaan / cobbler 0.3.4 0.3.4.x
michael_dehaan / cobbler 0.2.8 0.2.8.x
michael_dehaan / cobbler 1.2.7 1.2.7.x
michael_dehaan / cobbler 0.2.2 0.2.2.x
michael_dehaan / cobbler 0.4.8 0.4.8.x
michael_dehaan / cobbler 0.6.3 0.6.3.x
michael_dehaan / cobbler 0.3.1 0.3.1.x
michael_dehaan / cobbler 0.2.9 0.2.9.x
michael_dehaan / cobbler 0.3.3 0.3.3.x
michael_dehaan / cobbler 0.4.5 0.4.5.x
michael_dehaan / cobbler 0.3.6 0.3.6.x