Lucene search
K

39 matches found

OSV
OSV
added 2015/06/16 4:59 p.m.3 views

UBUNTU-CVE-2015-3010

ceph-deploy before 1.5.23 uses weak permissions 644 for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...

2.1CVSS5.8AI score0.00376EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/06/16 4:59 p.m.19 views

CVE-2015-3010

ceph-deploy before 1.5.23 uses weak permissions 644 for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...

2.1CVSS5.9AI score0.00376EPSS
Exploits0References2
PyPA
PyPA
added 2015/06/16 4:59 p.m.6 views

PYSEC-2015-2

ceph-deploy before 1.5.23 uses weak permissions 644 for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...

2.1CVSS6.2AI score0.00376EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2015/06/16 4:0 p.m.25 views

CVE-2015-3010

ceph-deploy before 1.5.23 uses weak permissions 644 for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...

5.5AI score0.00376EPSS
Exploits0References9
CVE
CVE
added 2015/06/16 4:0 p.m.71 views

CVE-2015-3010

CVE-2015-3010 affects the toolset ceph-deploy prior to version 1.5.23. Affected component: the file ceph/ceph.client.admin.keyring; its permissions are weakly set to 644, allowing local users to read the file and obtain sensitive information. The vulnerability is limited to local access with the ...

2.1CVSS5.5AI score0.00376EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/06/15 12:0 a.m.30 views

RHEL 6 / 7 : ceph-deploy (RHSA-2015:1092)

An updated ceph-deploy package that fixes two security issues is now available for Red Hat Ceph Storage. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...

2.1CVSS5.5AI score0.00383EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/06/11 3:54 p.m.5 views

ceph-deploy: keyring permissions are world readable in ~ceph

It was discovered that ceph-deploy, a utility for deploying Red Hat Ceph Storage, would create the keyring file with world readable permissions, which could possibly allow a local user to obtain authentication credentials from the keyring file...

2.1CVSS5.8AI score0.00376EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/06/11 3:54 p.m.3 views

ceph-deploy admin command copies keyring file to /etc/ceph which is world readable

It was discovered that ceph-deploy, a utility for deploying Red Hat Ceph Storage, would create the keyring file with world readable permissions, which could possibly allow a local user to obtain authentication credentials from the keyring file...

2.1CVSS5.8AI score0.00383EPSS
Exploits0References4
NVD
NVD
added 2015/06/08 2:59 p.m.22 views

CVE-2015-4053

The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...

2.1CVSS5.7AI score0.00383EPSS
Exploits0References5
PyPA
PyPA
added 2015/06/08 2:59 p.m.5 views

PYSEC-2015-3

The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...

2.1CVSS6.4AI score0.00383EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2015/06/08 2:59 p.m.4 views

UBUNTU-CVE-2015-4053

The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...

2.1CVSS5.8AI score0.00383EPSS
Exploits0References3
Prion
Prion
added 2015/06/08 2:59 p.m.15 views

Command injection

The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...

2.1CVSS6.3AI score0.00383EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2015/06/08 2:59 p.m.22 views

CVE-2015-4053

The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...

2.1CVSS5.9AI score0.00383EPSS
Exploits0References2
OSV
OSV
added 2015/06/08 2:59 p.m.27 views

PYSEC-2015-3

The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...

2.1CVSS1.9AI score0.00383EPSS
Exploits0References6
CVE
CVE
added 2015/06/08 2:0 p.m.58 views

CVE-2015-4053

CVE-2015-4053 affects ceph-deploy prior to 1.5.25, where the admin keyring (/etc/ceph/ceph.client.admin.keyring) is created with world-readable permissions. This allows a local user to read sensitive credentials. Remediation: upgrade ceph-deploy to 1.5.25 or newer (as cited by Red Hat and OSV/GHS...

2.1CVSS5.8AI score0.00383EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2015/04/22 12:0 a.m.18 views

Fedora Update for ceph-deploy FEDORA-2015-5981

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS6.5AI score0.00376EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/04/22 12:0 a.m.22 views

Fedora 21 : ceph-deploy-1.5.23-1.fc21 (2015-5981)

Update to ceph-deploy 1.5.23. This fixes CVE-2015-3010 keyring permissions are world readable in ceph. See upstream changelog for detailed changes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

2.1CVSS5.4AI score0.00376EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/04/22 12:0 a.m.21 views

Fedora 22 : ceph-deploy-1.5.23-1.fc22 (2015-5953)

Update to ceph-deploy 1.5.23. This fixes CVE-2015-3010 keyring permissions are world readable in ceph. See upstream changelog for detailed changes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

2.1CVSS5.4AI score0.00376EPSS
Exploits0References4
Fedora
Fedora
added 2015/04/21 7:23 p.m.55 views

[SECURITY] Fedora 22 Update: ceph-deploy-1.5.23-1.fc22

An easy to use admin tool for deploy ceph storage clusters...

2.1CVSS2.5AI score0.00376EPSS
Exploits0
Rows per page
Query Builder