Arbitrary Command Execution Vulnerability in Kiwi

Arbitrary Command Execution Vulnerability in Kiwi

CVE-2011-2649 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.