745 matches found
openstack-puppet-modules: pacemaker configured with default password
It was discovered that the puppet manifests, as provided with the openstack-puppet-modules package, would configure the pcsd daemon with a known default password. If this password was not changed and an attacker was able to gain access to pcsd, they could potentially run shell commands as root...
openstack-puppet-modules: pacemaker configured with default password
It was discovered that the puppet manifests, as provided with the openstack-puppet-modules package, would configure the pcsd daemon with a known default password. If this password was not changed and an attacker was able to gain access to pcsd, they could potentially run shell commands as root...
CentOS 6 : pacemaker (CESA-2013:1635)
Updated pacemaker packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...
Updated pacemaker package fixes one security issue
A denial of service flaw was found in the way Pacemaker performed authentication and processing of remote connections in certain circumstances. When Pacemaker was configured to allow remote Cluster Information Base CIB configuration or resource management, a remote attacker could use this flaw to...
MGASA-2014-0069 Updated pacemaker package fixes one security issue
A denial of service flaw was found in the way Pacemaker performed authentication and processing of remote connections in certain circumstances. When Pacemaker was configured to allow remote Cluster Information Base CIB configuration or resource management, a remote attacker could use this flaw to...
Scientific Linux Security Update : pacemaker on SL6.x i386/x86_64 (20131121)
A denial of service flaw was found in the way Pacemaker performed authentication and processing of remote connections in certain circumstances. When Pacemaker was configured to allow remote Cluster Information Base CIB configuration or resource management, a remote attacker could use this flaw to...
pacemaker security update
CentOS Errata and Security Advisory CESA-2013:1635 Updated pacemaker packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common...
CVE-2013-0281
Pacemaker 1.1.10, when remote Cluster Information Base CIB configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service connection blocking...
DEBIAN-CVE-2013-0281
Pacemaker 1.1.10, when remote Cluster Information Base CIB configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service connection blocking...
CVE-2013-0281
Pacemaker 1.1.10, when remote Cluster Information Base CIB configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service connection blocking...
UBUNTU-CVE-2013-0281
Pacemaker 1.1.10, when remote Cluster Information Base CIB configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service connection blocking...
CVE-2013-0281
Pacemaker 1.1.10, when remote Cluster Information Base CIB configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service connection blocking...
Design/Logic Flaw
Pacemaker 1.1.10, when remote Cluster Information Base CIB configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service connection blocking...
CVE-2013-0281
Pacemaker 1.1.10, when remote Cluster Information Base CIB configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service connection blocking...
CVE-2013-0281
Pacemaker 1.1.10, when remote Cluster Information Base CIB configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service connection blocking...
CVE-2013-0281
CVE-2013-0281 affects Pacemaker 1.1.10 when remote CIB configuration or resource management is enabled. The root cause is that remote connections to blocking sockets are not limited in duration, allowing a remote attacker to cause a denial of service by blocking the cluster’s service. Public advi...
RHEL 6 : pacemaker (RHSA-2013:1635)
Updated pacemaker packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...
pacemaker: remote DoS when CIB management is enabled caused by use of blocking sockets
Pacemaker 1.1.10, when remote Cluster Information Base CIB configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service connection blocking...
Low: Red Hat Security Advisory: pacemaker security, bug fix, and enhancement update
Updated pacemaker packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...
Scientific Linux Security Update : selinux-policy enhancement update on SL6.x i386/x86_64 (20131104)
This update adds the following enhancements : - Previously, the pacemaker resource manager did not have its own policy defined and started in the initrct domain. With this update, the wrong context has been fixed and proper permissions have been set for pacemaker, thus fixing the bug. - Previousl...