Denial Of Service (DoS)

Pacemaker is vulnerable to denial of service. This is due to the way authentication and processing of remote connections in certain circumstances are performed. A remote attacker is able to exploit the vulnerability to prevent the process from serving other requests when it is configured with...

PT-2018-2976 · Clusterlabs +5 · Pacemaker +5

Name of the Vulnerable Software and Affected Versions: Pacemaker versions up to and including 2.0.1 Description: The issue is related to an uncontrolled resource consumption in the Pacemaker cluster resource management software, which can be exploited to cause a denial of service DoS. This could...

RHEL 7 : atomic-openshift-utils (RHSA-2016:2778)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2778 advisory. Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud...

PT-2018-3485 · Clusterlabs +5 · Pacemaker +5

Name of the Vulnerable Software and Affected Versions: Pacemaker versions up to and including 2.0.0 Description: A flaw was found in the way Pacemaker's client-server authentication was implemented, allowing a local attacker to achieve local privilege escalation by combining this flaw with other...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 8 director security and bug fix update

An update for instack-undercloud and openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 8.0 Liberty director. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

Authorization

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

CVE-2016-7035

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

DEBIAN-CVE-2016-7035

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

CVE-2016-7035

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

CVE-2016-7035

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

CVE-2016-7035

CVE-2016-7035 affects Pacemaker prior to 1.1.16, due to an authorization flaw on the IPC interface. An unprivileged local attacker could force the Local Resource Manager daemon to execute a script as root, gaining full euid/root access. The issue is mitigated by upgrading Pacemaker to 1.1.16 or n...

CVE-2016-7035

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

pcs security update

CentOS Errata and Security Advisory CESA-2018:1927 An update for pcs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Moderate: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CentOS Update for pcs CESA-2018:1060 centos7

Check the version of pcs SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882895";...

CentOS 7 : pcs (CESA-2018:1060)

An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

pcs security update

CentOS Errata and Security Advisory CESA-2018:1060 An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVE-2017-12714

Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of correctly formatted "RF wake-up" commands that can be received, which may allow a nearby attacker to repeatedly send commands to reduce pacemaker battery life. CVSS v3 base score: 5.3, CVSS...

CVE-2017-12712

The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3...

Medicine pumps & Pacemaker threat as Dr’s simulate hacked overdose

By Waqas Doctors Demonstrate Dangers of Hacked Medicine Pumps By Simulating Emergency This is a post from HackRead.com Read the original post: Medicine pumps & Pacemaker threat as Dr’s simulate hacked overdose...