2976 matches found
CVE-2016-5009
The handlecommand function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service segmentation fault and ceph monitor crash via an 1 empty or 2 crafted prefix...
DEBIAN-CVE-2016-5009
The handlecommand function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service segmentation fault and ceph monitor crash via an 1 empty or 2 crafted prefix...
CVE-2016-5009
The handlecommand function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service segmentation fault and ceph monitor crash via an 1 empty or 2 crafted prefix...
Command injection
The handlecommand function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service segmentation fault and ceph monitor crash via an 1 empty or 2 crafted prefix...
CVE-2016-5009
The handlecommand function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service segmentation fault and ceph monitor crash via an 1 empty or 2 crafted prefix...
CVE-2016-5009
The handlecommand function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service segmentation fault and ceph monitor crash via an 1 empty or 2 crafted prefix...
CVE-2016-5009
The CVE-2016-5009 issue affects Ceph where the handle_command function in mon/Monitor.cc could be triggered by an empty or crafted prefix, allowing a remote authenticated user to cause a denial of service (segmentation fault and monitor crash). The linked advisories (Red Hat RHSA-2016:1384, SUSE/...
CVE-2016-5009
The handlecommand function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service segmentation fault and ceph monitor crash via an 1 empty or 2 crafted prefix...
UBUNTU-CVE-2016-5009
The handlecommand function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service segmentation fault and ceph monitor crash via an 1 empty or 2 crafted prefix...
Red Hat Ceph Storage Denial of Service Vulnerability
Red Hat Ceph Storage is a suite of scalable, open software-defined storage platforms from Red Hat USA. A denial of service vulnerability exists in the 'handlecommand' function in Red Hat Ceph Storage. An attacker can exploit this vulnerability by sending a specially crafted prefix to cause a deni...
Moderate: Red Hat Security Advisory: ceph security update
An updated ceph package that fixes one security issue is now available for Red Hat Ceph Storage 1.3 for Ubuntu 14.04. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
crash: mon_command crashes ceph monitors on receiving empty prefix
A flaw was found in the way handlecommand function would validate prefix value from user. An authenticated attacker could send a specially crafted prefix value resulting in ceph monitor crash...
Moderate: Red Hat Security Advisory: ceph security update
An updated ceph package that fixes one security issue is now available for Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
crash: mon_command crashes ceph monitors on receiving empty prefix
A flaw was found in the way handlecommand function would validate prefix value from user. An authenticated attacker could send a specially crafted prefix value resulting in ceph monitor crash...
CVE-2016-5009
A flaw was found in the way handlecommand function would validate prefix value from user. An authenticated attacker could send a specially crafted prefix value resulting in ceph monitor crash...
PT-2016-6217 · Red Hat +3 · Ceph +3
Name of the Vulnerable Software and Affected Versions: Ceph affected versions not specified Description: The issue allows remote authenticated users to cause a denial of service, resulting in a segmentation fault and ceph monitor crash. This can be achieved by sending an empty or crafted prefix t...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
kernel security and bug fix update
3.10.0-327.18.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.18.2 - lib keys: Fix ASN.1 indefinite length object parsing David Howells 1308814 1308815 CVE-2016-0758 3.10.0-327.18.1 - scsi bnx2fc: Fix FCP RSP residual parsing Maurizio Lombardi 1322279 1306342 - mm madvise: fix...
SUSE-SU-2016:0806-1 Security update for ceph
This update provides Ceph 0.8.11, which fixes the following security issue: - CVE-2015-5245: A CRLF injection vulnerability in the Ceph Object Gateway aka radosgw or RGW could allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket...
sos security update
CentOS Errata and Security Advisory CESA-2016:0188 An updated sos package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base...