Astra Linux - уязвимость в ansible

A flaw was discovered in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then select a new destination path on the controller node. All versions under 2.7.x, 2.8.x, and 2.9.x branches are believed to be vulnerable...

EUVD-2020-0029

Malware in sbrugna...

pacemaker bug fix update

An update is available for pacemaker. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Pacemaker cluster resource manager is a collection of technologies...

pacemaker bug fix update

An update is available for pacemaker. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Pacemaker cluster resource manager is a collection of technologies...

ansible: multiple modules expose secured values

A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the nolog feature. An...

CVE-2021-3447

A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the nolog feature. An...

ansible: path injection on dest parameter in fetch module

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node...

Directory Traversal

ansible is vulnerable to Directory Traversal. The attack is possible because it does not properly normalize and compare paths, allowing an attacker to manipulate the module, inject a new path, and rewrite a new destination path on the controller node...

DEBIAN-CVE-2020-1735

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable...

Design/Logic Flaw

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable...

CVE-2020-1735

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable...

CVE-2020-1735

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. Mitigation Currently, there is no mitigation for this issue except avoid using the affected fetch module...

Security Bulletin: A vulnerability in OpenSLP affects the IBM FlashSystem models V840 and V9000

Summary A vulnerability exists in OpenSLP to which the IBM FlashSystem™ V840 and FlashSystem V9000 are susceptible. An exploit of this vulnerability CVE-2017-17833 could make the system susceptible to a denial of service due to a corruption of heap memory by a remote attacker. Vulnerability Detai...

Security Bulletin: Vulnerabilities in IPv6 and MQ affect the IBM FlashSystem model V840

Summary There are vulnerabilities in the IPv6 and MQ components which affect the IBM FlashSystem™ V840. An exploit of these vulnerabilities CVE-2016-10142 and CVE-2017-11176 could make the system susceptible to attacks which could allow an attacker to trigger a kernel panic or denial of service...

Security Bulletin: Vulnerabilities in OpenSSH affect the IBM FlashSystem model V840

Summary There are vulnerabilities in OpenSSH which the IBM FlashSystem™ V840 is susceptible. An exploit of these vulnerabilities CVE-2016-6515 and CVE-2016-6210 could make the system susceptible to attacks which could allow an attacker to consume all available CPU resources or to enumerate users ...

Security Bulletin: Vulnerabilities in GNU Bash affect the IBM FlashSystem model V840

Summary There are vulnerabilities in GNU Bash to which the IBM FlashSystem™ V840 is susceptible. An exploit of these vulnerabilities CVE-2016-0634, CVE-2016-7543, CVE-2016-9401 could make the system susceptible to an attack which could allow an attacker to execute arbitrary code and commands on t...

Security Bulletin: Vulnerability in Mozilla Network Security Services (NSS) affects the IBM FlashSystem model V840

Summary There is a vulnerability in Mozilla NSS to which the IBM® FlashSystem™ V840 is susceptible. An exploit of this vulnerability CVE-2016-9074 could make the system susceptible to timing side-channel attacks which could be leveraged to allow launch of further attacks on the system Vulnerabili...

Security Bulletin: Vulnerability in Apache Struts affects the IBM FlashSystem model V840

Summary There is a vulnerability in Apache Struts to which the IBM® FlashSystem™ V840 is susceptible. An exploit of this vulnerability CVE-2016-4461 could allow an attacker to execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2016-4461 DESCRIPTION: Apache Struts could allow a...

Security Bulletin: Vulnerability in Mozilla NSS affects the IBM FlashSystem model V840

Summary There is a vulnerability in Mozilla Network Security Services NSS to which the IBM® FlashSystem™ V840 is susceptible. An exploit of this vulnerability CVE-2017-7502 could to cause a denial of service. Vulnerability Details CVEID: CVE-2017-7502 DESCRIPTION: Mozilla Network Security Service...

Security Bulletin: Vulnerabilities in OpenSSH affect the IBM FlashSystem model V840

Summary There are vulnerabilities in OpenSSH to which the IBM® FlashSystem™ V840 is susceptible. An exploit of these vulnerabilities CVE-2015-6563 and CVE-2015-6564 could allow a remote attacker to bypass security restrictions to gain elevated privileges or conduct an impersonation attack...