CVE-2008-6954: Cobbler Web Interface Kickstart Template Remote Privilege Escalation Vulnerability

Severity: Critical

CVSS Score: 9

The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobblerd by editing a Cheetah kickstart template to import arbitrary Python modules.