9 matches found
CLSA-2026-1777566732 Fix CVE(s): CVE-2018-10841
SECURITY UPDATE: privilege escalation on glusterd nodes via the CLI RPC program being exposed on the TCP listener when management-plane SSL is enabled, allowing a TLS-authenticated client outside the trusted storage pool to issue privileged volume-management commands via gluster --remote-host -...
[SECURITY] [DLA 2806-1] glusterfs security update
Debian LTS Advisory DLA-2806-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 01, 2021 https://wiki.debian.org/LTS Package : glusterfs Version : 3.8.8-1+deb9u1 CVE ID : CVE-2018-1088 CVE-2018-10841 CVE-2018-10904 CVE-2018-10907 CVE-2018-10911...
GLSA-201904-06 : GlusterFS: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201904-06 GlusterFS: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in GlusterFS. Please review the referenced CVE identifiers for details. Impact : Please review the referenced CVE identifiers for details...
EulerOS 2.0 SP3 : glusterfs (EulerOS-SA-2018-1229)
According to the version of the glusterfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in glusterfs which can lead to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use...
Fedora Update for glusterfs FEDORA-2018-d873767641
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : glusterfs (RHSA-2018:1954)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1954 advisory. GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance fo...
RHEL 6 : glusterfs (RHSA-2018:1955)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1955 advisory. - glusterfs: access trusted peer group via remote-host command CVE-2018-10841 Note that Nessus has not tested for this issue but has instead relied...
CVE-2018-10841
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool,...
Important: Red Hat Security Advisory: glusterfs security update
An update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 7 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...