34 matches found
RHCOS 3 : OpenShift Container Platform 3.2 (RHSA-2018:3742)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3742 advisory. - kubernetes: authentication/authorization bypass in the handling of non-101 responses CVE-2018-1002105 Note that Nessus has not tested for...
RHCOS 3 : OpenShift Container Platform 3.3 (RHSA-2018:3754)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3754 advisory. - kubernetes: authentication/authorization bypass in the handling of non-101 responses CVE-2018-1002105 Note that Nessus has not tested for...
RHCOS 3 : OpenShift Container Platform 3.9 (RHSA-2018:2908)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2908 advisory. - atomic-openshift: oc patch with json causes masterapi service crash CVE-2018-14632 - kubernetes: authentication/authorization bypa...
RHCOS 3 : OpenShift Container Platform 3.10 (RHSA-2018:3549)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3549 advisory. - kubernetes: authentication/authorization bypass in the handling of non-101 responses CVE-2018-1002105 Note that Nessus has not tested for...
Linux Distros Unpatched Vulnerability : CVE-2018-1002105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver...
Oracle Linux 7 : kubernetes (ELSA-2018-4303)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4303 advisory. - CVE-2018-1002105 Handle error responses from backends Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
openSUSE Security Update : kubernetes (openSUSE-2020-554) (Dirty COW)
This update introduces kubernetes version 1.14.1 and cri-o 1.17.1 to Leap 15.1. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2020-554. The text description of this plugin is (C) SUSE...
Security Bulletin: A Security Vulnerability Has Been Identified In IBM Cloud Private shipped with IBM Cloud Private for Data - CVE-ID: CVE-2018-1002105
Summary IBM Cloud Private is shipped with IBM Cloud Private for Data. Information about a security vulnerability affecting IBM Cloud Private has been published in a security bulletin. Vulnerability Details Refer to the security bulletin listed in the Remediation/Fixes section Affected Products an...
Fedora 29 : kubernetes (2019-3ecff65275)
Allow to install cri-o as alternative to docker - Allow to install moby-engine as alternative to docker ---- Update to v1.12.5 Verify backend upgraded connection Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...
kubernetes security update
kubernetes 1.9.11-2.2.1 - CVE-2019-6486 1.9.11-2.1.1 - Fix kubeadm-registry.sh - Use golang 1.9.3 - CVE-2018-1002105 Handle error responses from backends - Bump to v1.9.11 1.9.1-2.1.7 - Orabug 27803001 1.9.1-2.1.5 - Production built 1.9.1-2.1.5 - Fix the upgrade version check - Remove w/a from...
Photon OS 1.0: Kubernetes PHSA-2019-1.0-0202
An update of the kubernetes package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0202. The text itself is copyright (C) VMware, Inc. include"compat.inc"; if description...
Fedora 29 : origin (2018-314913636b)
Rebase to upstream 8de5c3442e56dbe05403990ce0821746673fd588, let's call it 3.11.1 - Fix for CVE-2018-1002105 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it...
Kubernetes - (Unauthenticated) Arbitrary Requests Exploit
!/usr/bin/env python3 import argparse from ssl import wrapsocket from json import loads, dumps from socket import createconnection def requeststage1base, version, target: stage1 = "" with open'ustage1', 'r' as stage1fd: stage1 = stage1fd.read return stage1.formatbase, version, target .encode'utf-...
Security Bulletin: IBM API Connect is affected by a critical privilege escalation vulnerability in Kubernetes (CVE-2018-1002105)
Summary API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-1002105 DESCRIPTION: Kubernetes could allow a remote attacker to gain elevated privileges on the system, caused by the improper handling of requests in the API server. By sending a specially craft...
Photon OS 2.0: Kubernetes PHSA-2018-2.0-0112 (deprecated)
An update of 'kubernetes' packages of Photon OS has been released. (C) Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0112. The text itself is copyright (C) VMware, Inc...
Kubernetes proxy request handling vulnerability (CVE-2018-1002105)
A remote, unauthenticated attacker may be able to leverage API calls to escalate privileges via proxy request handling vulnerability. Note that a successful attack requires that an API extension server is directly accessible from the Kubernetes API server's network or that a cluster has granted p...
Kubernetes - (Unauthenticated) Arbitrary Requests
!/usr/bin/env python3 import argparse from ssl import wrapsocket from json import loads, dumps from socket import createconnection def requeststage1base, version, target: stage1 = "" with open'ustage1', 'r' as stage1fd: stage1 = stage1fd.read return stage1.formatbase, version, target .encode'utf-...
Kubernetes - (Authenticated) Arbitrary Requests
!/usr/bin/env python3 import argparse from ssl import wrapsocket from socket import createconnection from secrets import base64, tokenbytes def requeststage1namespace, pod, method, target, token: stage1 = "" with open'stage1', 'r' as stage1fd: stage1 = stage1fd.read return stage1.formatnamespace,...
Kubernetes - (Authenticated) Arbitrary Requests
Kubernetes - Authenticated Arbitrary Requests !/usr/bin/env python3 import argparse from ssl import wrapsocket from socket import createconnection from secrets import base64, tokenbytes def requeststage1namespace, pod, method, target, token: stage1 = "" with open'stage1', 'r' as stage1fd: stage1 ...
Kubernetes - (Unauthenticated) Arbitrary Requests
Kubernetes - Unauthenticated Arbitrary Requests !/usr/bin/env python3 import argparse from ssl import wrapsocket from json import loads, dumps from socket import createconnection def requeststage1base, version, target: stage1 = "" with open'ustage1', 'r' as stage1fd: stage1 = stage1fd.read return...