Lucene search
K

55 matches found

RedHat Linux
RedHat Linux
added 2022/08/30 9:46 p.m.4 views

booth: authfile directive in booth config file is completely ignored.

A flaw was found in booth in the way it handles the authfile directive in configuration files, which causes authentication to be skipped between nodes. As a result, an attacker-controlled node that does not have the correct authentication key does not prevent communication with other nodes in the...

6.5CVSS5.7AI score0.00924EPSS
Exploits0References4
Veracode
Veracode
added 2022/08/11 3:28 a.m.21 views

Insecure Configuration

booth:sid is using insecure configuration. The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in...

6.5CVSS6.3AI score0.00924EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/08/02 12:0 a.m.49 views

SUSE SLES15 Security Update : booth (SUSE-SU-2022:2606-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:2606-1 advisory. - CVE-2022-2553: authfile directive in booth config file is completely ignored bsc1201946. Tenable has extracted the preceding description block direct...

6.5CVSS6.7AI score0.00924EPSS
Exploits0References4
OSV
OSV
added 2022/08/01 7:48 a.m.5 views

SUSE-SU-2022:2609-1 Security update for booth

This update for booth fixes the following issues: - CVE-2022-2553: authfile directive in booth config file is completely ignored bsc1201946...

6.5CVSS6.3AI score0.00924EPSS
Exploits0References3
OSV
OSV
added 2022/08/01 7:47 a.m.5 views

SUSE-SU-2022:2607-1 Security update for booth

This update for booth fixes the following issues: - CVE-2022-2553: authfile directive in booth config file is completely ignored bsc1201946...

6.5CVSS6.3AI score0.00924EPSS
Exploits0References3
OSV
OSV
added 2022/08/01 7:47 a.m.3 views

SUSE-SU-2022:2605-1 Security update for booth

This update for booth fixes the following issues: - CVE-2022-2553: authfile directive in booth config file is completely ignored bsc1201946...

6.5CVSS6.3AI score0.00924EPSS
Exploits0References3
Debian
Debian
added 2022/07/29 2:43 p.m.30 views

[SECURITY] [DSA 5194-1] booth security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5194-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 29, 2022 https://www.debian.org/security/faq -...

6.5CVSS6.4AI score0.00924EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/07/28 3:15 p.m.3 views

CVE-2022-2553

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

6.5CVSS6.5AI score0.00924EPSS
Exploits0References8
NVD
NVD
added 2022/07/28 3:15 p.m.17 views

CVE-2022-2553

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

6.5CVSS0.00924EPSS
Exploits0References4
OSV
OSV
added 2022/07/28 3:15 p.m.6 views

AZL-36933 CVE-2022-2553 affecting package booth for versions less than 1.0-8

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

6.5CVSS5.7AI score0.00924EPSS
Exploits0References1
OSV
OSV
added 2022/07/28 3:15 p.m.0 views

DEBIAN-CVE-2022-2553

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

6.5CVSS6.4AI score0.00924EPSS
Exploits0References1
OSV
OSV
added 2022/07/28 3:15 p.m.4 views

AZL-25645 CVE-2022-2553 affecting package booth for versions less than 1.0-8

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

6.5CVSS5.7AI score0.00924EPSS
Exploits0References1
Prion
Prion
added 2022/07/28 3:15 p.m.22 views

Authentication flaw

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

6.4CVSS6.3AI score0.00924EPSS
Exploits0References4Affected Software3
OSV
OSV
added 2022/07/28 3:15 p.m.4 views

UBUNTU-CVE-2022-2553

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

6.5CVSS6.6AI score0.00924EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/07/28 12:0 a.m.0 views

booth 授权问题漏洞

Both is an open source ticket manager from ClusterLabs. A security vulnerability exists in booth that stems from the authfile directive in the booth configuration file being ignored, preventing the use of authentication in node-to-node communication. As a result, a node without the correct...

6.5CVSS6.3AI score0.00924EPSS
Exploits0References13
CVE
CVE
added 2022/07/28 12:0 a.m.128 views

CVE-2022-2553

CVE-2022-2553 concerns the Booth cluster ticket manager. Multiple connected sources confirm the root cause: the authfile directive in the booth configuration is ignored, preventing proper authentication enforcement between nodes. This leads to a risk that nodes without the correct authentication ...

6.5CVSS6.2AI score0.00924EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/07/28 12:0 a.m.21 views

CVE-2022-2553

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

6.6AI score0.00924EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/06/29 12:0 a.m.5 views

The vulnerability of the authfile.c component of the sshd service in the OpenSSH encryption protection mechanism allows a hacker to gain unauthorized access to protected information.

The vulnerability of the authfile.c component of the sshd service in the OpenSSH encryption protection mechanism is related to key management errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.6AI score0.01101EPSS
Exploits1References5Affected Software3
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.42 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1055)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.37431EPSS
Exploits5References2
UbuntuCve
UbuntuCve
added 2019/06/04 9:29 p.m.23 views

CVE-2019-12209

Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile default $HOME/.config/Yubico/u2fkeys as root unless openasuser was enabled, and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM...

7.5CVSS6.7AI score0.02885EPSS
Exploits1References3
Rows per page
Query Builder