26 matches found
EUVD-2015-8438
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2015-8559
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The knife bootstrap command in chef Infra client before version 15.4.45 leaks the validator.pem private RSA key to /var/log/messages. CVE-2015-8559 Note that...
Linux Distros Unpatched Vulnerability : CVE-2023-28864
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode- cache/backup world-readable temporary backup path to...
CVE-2023-28864
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...
Chef Infra Client SEoL (17.x)
According to its version, Chef Infra Client is 17.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C...
Chef Infra Client SEoL (16.x)
According to its version, Chef Infra Client is 16.x or earlier. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVE...
Chef Infra Client Installed (Unix)
Binary data chefinfraclientnixinstalled.nbin...
Chef Infra Server Detection
Binary data chefinfraserverwebdetect.nbin...
Chef Infra Client Detection
Binary data chefinfraclientwebdetect.nbin...
CVE-2023-28864
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...
CVE-2023-28864
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...
CVE-2023-28864
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...
CVE-2023-28864
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...
Command injection
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...
CVE-2023-28864
Progress Chef Infra Server before 15.7 is affected by CVE-2023-28864. A local attacker can exploit a world-readable /var/opt/opscode/local-mode-cache/backup temporary backup path to access sensitive information, leading to disclosure of all indexed node data because OpenSearch credentials are exp...
CVE-2023-28864
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...
PT-2023-22015 · Progress · Progress Chef Infra Server
Name of the Vulnerable Software and Affected Versions: Progress Chef Infra Server versions prior to 15.7 Description: The issue allows a local attacker to access sensitive information by exploiting a world-readable temporary backup path at /var/opt/opscode/local-mode-cache/backup. This results in...
Progress Software Chef Infra Server 安全漏洞
Progress Software Chef Infra Server is an application from Progress Software, Inc. It is used to act as a hub for configuration data. A security vulnerability exists in Progress Software Chef Infra Server versions prior to 15.7, which stems from a vulnerability that allows a local attacker to...
CVE-2023-28864
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. The data...
CVE-2015-8559
The knife bootstrap command in chef Infra client before version 15.4.45 leaks the validator.pem private RSA key to /var/log/messages...