Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 4 : glusterfs-3.8.4-54.9.AXS4 (AXSA:2018-3123:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3123:02 advisory. It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way 'auth.allow' is implemented in glusterfs server. An unauthenticated gluster...

8.8CVSS7.7AI score0.05374EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-11757

Malware in sbrugna...

8.8CVSS8.1AI score0.02384EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.2 views

SUSE CVE-2018-1088

A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...

8.1CVSS8.9AI score0.05374EPSS
Exploits1References4
Debian
Debian
added 2021/11/01 11:25 p.m.35 views

[SECURITY] [DLA 2806-1] glusterfs security update

Debian LTS Advisory DLA-2806-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 01, 2021 https://wiki.debian.org/LTS Package : glusterfs Version : 3.8.8-1+deb9u1 CVE ID : CVE-2018-1088 CVE-2018-10841 CVE-2018-10904 CVE-2018-10907 CVE-2018-10911...

8.8CVSS6.9AI score0.05374EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/01/27 12:0 a.m.28 views

openSUSE: Security Advisory for glusterfs (openSUSE-SU-2020:0079_1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.2AI score0.05374EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2018-1185)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.5AI score0.05374EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/01/21 12:0 a.m.36 views

openSUSE Security Update : glusterfs (openSUSE-2020-79)

This update for glusterfs fixes the following issues : glusterfs was update to release 3.12.15 : - Fixed a number of bugs and security issues : - CVE-2018-1088, CVE-2018-1112 boo1090084, CVE-2018-10904 boo1107018, CVE-2018-10907 boo1107019, CVE-2018-10911 boo1107020, CVE-2018-10913 boo1107021,...

8.8CVSS6.5AI score0.05374EPSS
Exploits1References28
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.36 views

GLSA-201904-06 : GlusterFS: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201904-06 GlusterFS: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in GlusterFS. Please review the referenced CVE identifiers for details. Impact : Please review the referenced CVE identifiers for details...

8.8CVSS6.5AI score0.05374EPSS
Exploits1References22
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.26 views

Fedora 28 : glusterfs (2018-e048a4ef13)

Security fix for CVE-2018-1088 Privilege escalation via glustersharedstorage when snapshot scheduling is enabled Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format...

8.1CVSS7.7AI score0.05374EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/05/14 12:0 a.m.37 views

Fedora 26 : glusterfs (2018-f9e0f1caf7)

Security fix for CVE-2018-1088 Privilege escalation via glustersharedstorage when snapshot scheduling is enabled Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format...

8.1CVSS7.7AI score0.05374EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/05/04 12:0 a.m.47 views

RHEL 7 : Virtualization (RHSA-2018:1275)

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

8.8CVSS7.6AI score0.05374EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2018/05/02 1:15 p.m.31 views

Important: Red Hat Security Advisory: redhat-virtualization-host security update

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

8.8CVSS7.2AI score0.05374EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2018/05/02 12:0 a.m.38 views

Fedora 27 : glusterfs (2018-6dc9145693)

Security fix for CVE-2018-1088 Privilege escalation via glustersharedstorage when snapshot scheduling is enabled Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format...

8.1CVSS7.7AI score0.05374EPSS
Exploits1References2
Prion
Prion
added 2018/04/25 12:29 p.m.21 views

Design/Logic Flaw

glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression...

7.5CVSS8.1AI score0.05374EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2018/04/25 12:29 p.m.3 views

UBUNTU-CVE-2018-1112

glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression...

8.8CVSS7.3AI score0.02384EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2018/04/25 12:0 p.m.26 views

CVE-2018-1112

glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression...

8.8CVSS8.3AI score0.02384EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2018/04/24 2:48 p.m.29 views

CVE-2018-1112

It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way 'auth.allow' is implemented in glusterfs server. An unauthenticated gluster client could mount gluster storage volumes. Mitigation 1. Use TLS Authentication to authenticate gluster clients to limit access to gluster...

8.8CVSS2.2AI score0.05374EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/04/19 12:0 a.m.88 views

RHEL 7 : glusterfs (RHSA-2018:1136) (deprecated)

An update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 7 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

8.1CVSS8.1AI score0.05374EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/04/19 12:0 a.m.35 views

RHEL 6 : glusterfs (RHSA-2018:1137)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1137 advisory. - glusterfs: Privilege escalation via glustersharedstorage when snapshot scheduling is enabled CVE-2018-1088 Note that Nessus has not tested for this...

8.1CVSS7.7AI score0.05374EPSS
Exploits1References5
CVE
CVE
added 2018/04/18 4:0 p.m.247 views

CVE-2018-1088

CVE-2018-1088 affects GlusterFS 3.x via the snapshot scheduler: an unauthenticated client could exploit the scheduler to mount shared storage and escalate privileges by scheduling a malicious cronjob via a symlink. The issue is tied to a regression/regression-related chain (CVE-2018-1112) in patc...

8.1CVSS8AI score0.05374EPSS
Exploits1References8Affected Software4
Rows per page
Query Builder