Security Advisory
CVE-2012-3366
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process (bcfg2-server).