6 matches found
GLSA-201904-06 : GlusterFS: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201904-06 GlusterFS: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in GlusterFS. Please review the referenced CVE identifiers for details. Impact : Please review the referenced CVE identifiers for details...
Fedora 29 : glusterfs (2018-986f0b7fb0)
5.1 GA , security fixes for: CVE-2018-14651 CVE-2018-14652 CVE-2018-14653 CVE-2018-14654 CVE-2018-14659 CVE-2018-14660 CVE-2018-14661 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...
RHEL 7 : Red Hat Virtualization (RHSA-2018:3470)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3470 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...
RHEL 7 : glusterfs (RHSA-2018:3432)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3432 advisory. - glusterfs: glusterfs server exploitable via symlinks to relative paths CVE-2018-14651 - glusterfs: Buffer overflow in features/locks...
CVE-2018-14654
CVE-2018-14654 affects GlusterFS (up to 4.1.x) via the GF_XATTROP_ENTRY_IN_KEY path in the translator used during mounting, allowing a remote attacker with access to mounted volumes to create arbitrary, empty files on the server. Exploitation details are not provided in the given documents. Remed...
CVE-2018-14654
A flaw was found in the way glusterfs server handles client requests. A remote, authenticated attacker could set arbitrary values for the GFXATTROPENTRYINKEY and GFXATTROPENTRYOUTKEY during xattrop file operation resulting in creation and deletion of arbitrary files on glusterfs server node...