33 matches found
Design/Logic Flaw
openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCDCLIENTCERTAUTH and ETCDPEERCLIENTCERTAUTH in etcd.conf result in etcd being configured to allow remote users...
CVE-2018-1085
openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCDCLIENTCERTAUTH and ETCDPEERCLIENTCERTAUTH in etcd.conf result in etcd being configured to allow remote users...
Design/Logic Flaw
The prologerror function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on th...
CVE-2016-10030
The prologerror function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on th...
CVE-2016-10030
The prologerror function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on th...
CVE-2016-10030
CVE-2016-10030 affects Slurm: the Prolog failure handling in slurmd/req.c can let a user influence an arbitrary file if they can cause or anticipate a Prolog script failure on a compute node. Affected versions span Slurm up to present in 0.6.0 onwards, with fixed ranges listed as: before 15.08.13...
CVE-2016-10030
The prologerror function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on th...
CVE-2016-10030
Removed by vendor...
openstack-nova: Deleting instances in resize state fails
A flaw was found in the way OpenStack Compute nova handled the resize state. If an authenticated user deleted an instance while it was in the resize state, it could cause the original instance to not be deleted from the compute node it was running on, allowing the user to cause a denial of servic...
openstack-neutron: Denial of Service in Neutron allowed address pair
A denial of service flaw was found in neutron's handling of allowed address pairs. As there was no enforced quota on the amount of allowed address pairs, a sufficiently authorized user could possibly create a large number of firewall rules, impacting performance or potentially rendering a compute...
openstack-neutron: Denial of Service in Neutron allowed address pair
A denial of service flaw was found in neutron's handling of allowed address pairs. As there was no enforced quota on the amount of allowed address pairs, a sufficiently authorized user could possibly create a large number of firewall rules, impacting performance or potentially rendering a compute...
Ubuntu 12.04 LTS / 12.10 / 13.04 : nova vulnerabilities (USN-2000-1)
It was discovered that Nova did not properly enforce the ispublic property when determining flavor access. An authenticated attacker could exploit this to obtain sensitive information in private flavors. This issue only affected Ubuntu 12.10 and 13.10. CVE-2013-2256, CVE-2013-4278 Grant Murphy...
CCPv1 Compute Node
Determines if the Compute Node feature is installed...