Bcfg2 'Trigger' Plugin Remote Command Injection Vulnerability

Bcfg2 is prone to a remote command-injection vulnerability due to a failure to properly sanitize user-supplied input in the 'Trigger' plugin.

An attacker can exploit this vulnerability to inject and execute arbitrary commands within the context of the affected application. This may facilitate a complete system compromise.


Privacy Statement
Copyright 2010, SecurityFocus