Confirmed, with the following. Marking medium, and tagging as a security bug. I'm not certain it exposes credentials, or anything else highly privileged. If this is not the case, please update the bug with an example.
Thanks.
#!/usr/bin/python import xmlrpclib server = xmlrpclib.Server("http://127.0.0.1/cobbler_api") print server.get_distros() print server.get_profiles() print server.get_systems() print server.get_images() print server.get_repos()
Confirmed, with the following. Marking medium, and tagging as a security bug. I'm not certain it exposes credentials, or anything else highly privileged. If this is not the case, please update the bug with an example.
Thanks.
#!/usr/bin/python 127.0.0. 1/cobbler_ api") get_distros( ) get_profiles( ) get_systems( )
import xmlrpclib
server = xmlrpclib.Server("http://
print server.
print server.
print server.
print server.get_images()
print server.get_repos()