11 matches found
Mageia: Security Advisory (MGASA-2014-0350)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-4967
Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with 1 a trailing " src=" clause, 2 a trailing " temp=" clause, or 3 a...
CVE-2014-4967
Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with 1 a trailing " src=" clause, 2 a trailing " temp=" clause, or 3 a...
CVE-2014-4967
CVE-2014-4967 affects Ansible up to version 1.6.7, enabling remote code execution via crafted facts (trailing src=, temp=, or validate= clauses). Root cause: argument injection in facts processed by Ansible. Impact: remote code execution with code or shell commands executed on the managed host. R...
[oCERT-2014-004] Ansible input sanitization errors
2014-004 Ansible input sanitization errors Description: The Ansible project is an open source configuration management platform. The Ansible platform suffers from input sanitization errors that allow arbitrary code execution as well as information leak, in case an attacker is able to control...
[oCERT-2014-004] Ansible input sanitization errors
2014-004 Ansible input sanitization errors Description: The Ansible project is an open source configuration management platform. The Ansible platform suffers from input sanitization errors that allow arbitrary code execution as well as information leak, in case an attacker is able to control...
Updated ansible package fixes multiple security issues
Updated ansible package fixes security vulnerabilities: The Ansible platform before version 1.6.7 suffers from input sanitization errors that allow arbitrary code execution as well as information leak, in case an attacker is able to control certain playbook variables CVE-2014-4678, CVE-2014-4966,...
Fedora 20 : ansible-1.6.10-1.fc20 (2014-8901)
Update to 1.6.10 Update to 1.6.9 with more shell quoting fixes. Update to 1.6.7. Fixes CVE-2014-4966 and CVE-2014-4967 Update to 1.6.8 with fixes for shell quoting from previous release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora 19 : ansible-1.6.10-1.fc19 (2014-8904)
Update to 1.6.10 Update to 1.6.9 with more shell quoting fixes. Update to 1.6.7 Fixes CVE-2014-4966 and CVE-2014-4967 Update to 1.6.8 with fixes for shell quoting from previous release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora Update for ansible FEDORA-2014-8904
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for ansible FEDORA-2014-8901
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...