55 matches found
booth: authfile directive in booth config file is completely ignored.
A flaw was found in booth in the way it handles the authfile directive in configuration files, which causes authentication to be skipped between nodes. As a result, an attacker-controlled node that does not have the correct authentication key does not prevent communication with other nodes in the...
Insecure Configuration
booth:sid is using insecure configuration. The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in...
SUSE SLES15 Security Update : booth (SUSE-SU-2022:2606-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:2606-1 advisory. - CVE-2022-2553: authfile directive in booth config file is completely ignored bsc1201946. Tenable has extracted the preceding description block direct...
SUSE-SU-2022:2609-1 Security update for booth
This update for booth fixes the following issues: - CVE-2022-2553: authfile directive in booth config file is completely ignored bsc1201946...
SUSE-SU-2022:2607-1 Security update for booth
This update for booth fixes the following issues: - CVE-2022-2553: authfile directive in booth config file is completely ignored bsc1201946...
SUSE-SU-2022:2605-1 Security update for booth
This update for booth fixes the following issues: - CVE-2022-2553: authfile directive in booth config file is completely ignored bsc1201946...
[SECURITY] [DSA 5194-1] booth security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5194-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 29, 2022 https://www.debian.org/security/faq -...
CVE-2022-2553
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...
CVE-2022-2553
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...
AZL-36933 CVE-2022-2553 affecting package booth for versions less than 1.0-8
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...
DEBIAN-CVE-2022-2553
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...
AZL-25645 CVE-2022-2553 affecting package booth for versions less than 1.0-8
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...
Authentication flaw
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...
UBUNTU-CVE-2022-2553
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...
booth 授权问题漏洞
Both is an open source ticket manager from ClusterLabs. A security vulnerability exists in booth that stems from the authfile directive in the booth configuration file being ignored, preventing the use of authentication in node-to-node communication. As a result, a node without the correct...
CVE-2022-2553
CVE-2022-2553 concerns the Booth cluster ticket manager. Multiple connected sources confirm the root cause: the authfile directive in the booth configuration is ignored, preventing proper authentication enforcement between nodes. This leads to a risk that nodes without the correct authentication ...
CVE-2022-2553
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...
The vulnerability of the authfile.c component of the sshd service in the OpenSSH encryption protection mechanism allows a hacker to gain unauthorized access to protected information.
The vulnerability of the authfile.c component of the sshd service in the OpenSSH encryption protection mechanism is related to key management errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1055)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-12209
Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile default $HOME/.config/Yubico/u2fkeys as root unless openasuser was enabled, and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM...