Lucene search
K

7 matches found

OSV
OSV
added 2016/06/03 2:59 p.m.6 views

CVE-2016-3096

The createscript function in the lxccontainer module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on 1 /opt/.lxc-attach-script, 2 the archived container in the archivepath directory, or the 3...

7.8CVSS7.5AI score
Exploits0References13
OSV
OSV
added 2016/05/05 4:26 p.m.7 views

MGASA-2016-0163 Updated ansible packages fix CVE-2016-3096

Updated ansible package fixes security vulnerability: A vulnerability in lxccontainer, ansible module, was found allowing to get root inside the container. The problem is in the createscript function, which tries to write to /opt/.lxc-attach-script inside of the container. If the attacker can wri...

7.8CVSS7.8AI score0.00468EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/05/02 12:0 a.m.22 views

Fedora 22 : ansible-2.0.2.0-1.fc22 (2016-ab154c56dd)

Update to 2.0.2.0. https://github.com/ansible/ansible/blob/stable-2.0/CHANGELOG.md Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

7.8CVSS7.5AI score0.00468EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/04/27 12:0 a.m.22 views

Fedora 23 : ansible1.9-1.9.6-1.fc23 (2016-65519440f5)

Update to 1.9.6. Fixes bug 1327744 as well as CVE-2016-3096 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

7.8CVSS7.5AI score0.00468EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/04/27 12:0 a.m.26 views

Fedora 22 : ansible1.9-1.9.6-1.fc22 (2016-28ff51a3f5)

Update to 1.9.6. Fixes bug 1327744 as well as CVE-2016-3096 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

7.8CVSS7.5AI score0.00468EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/04/26 12:0 a.m.18 views

Fedora Update for ansible1.9 FEDORA-2016-65519440

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.00468EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/04/21 12:0 a.m.20 views

FreeBSD : ansible -- use of predictable paths in lxc_container (253c6889-06f0-11e6-925f-6805ca0b3d42)

Ansible developers report : CVE-2016-3096: do not use predictable paths in lxccontainer - do not use a predictable filename for the LXC attach script - don't use predictable filenames for LXC attach script logging - don't set a predictable archivepath this should prevent symlink attacks which cou...

7.8CVSS8.4AI score0.00468EPSS
Exploits0References4
Rows per page
Query Builder