22 matches found
MiracleLinux 7 : pacemaker-1.1.19-8.el7.5 (AXSA:2019-3935:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3935:04 advisory. pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc CVE-2018-16877 pacemaker: Insufficient...
Linux Distros Unpatched Vulnerability : CVE-2018-16877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw...
[SECURITY] [DLA 2519-1] pacemaker security update
Debian LTS Advisory DLA-2519-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 06, 2021 https://wiki.debian.org/LTS Package : pacemaker Version : 1.1.24-0+deb9u1 CVE ID : CVE-2018-16877 CVE-2018-16878 CVE-2020-25654 Several security vulnerabilities were...
Security Bulletin: IBM MQ Appliance is affected by Pacemaker vulnerabilities (CVE-2018-16878, CVE-2018-16877, CVE-2019-3885)
Summary IBM MQ Appliance has resolved Pacemaker vulnerabilities. Vulnerability Details CVEID: CVE-2018-16878 DESCRIPTION: Pacemaker is vulnerable to a denial of service, caused by an insufficient verification inflicted preference of uncontrolled processes. A remote attacker could exploit this...
Security Bulletin: IBM MQ is affected by multiple vulnerabilities in Pacemaker
Summary Multiple vulnerabilities were identified in the Pacemaker component that is bundled with IBM MQ Advanced for use by replicated data queue managers RDQM. Vulnerability Details CVEID: CVE-2018-16878 DESCRIPTION: Pacemaker is vulnerable to a denial of service, caused by an insufficient...
SUSE-SU-2020:1072-1 Security update for pacemaker
This update for pacemaker fixes the following issues: - CVE-2018-16877: Fixed an issue with insufficient local IPC client-server authentication on the client's side bsc1131356. - CVE-2018-16878: Fixed a denial of service related to insufficient verification of uncontrolled processes bsc1131353...
Amazon Linux 2 : pacemaker (ALAS-2019-1275)
A flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS. CVE-2018-16878 A use-after-free flaw was found in pacemaker which could result in certain sensitive information to be leaked via the system logs. CVE-2019-3885 A flaw was...
Important: pacemaker
Issue Overview: A flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS. CVE-2018-16878 A use-after-free flaw was found in pacemaker which could result in certain sensitive information to be leaked via the system logs. CVE-2019-38...
Oracle Linux 8 : pacemaker (ELSA-2019-1279)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-1279 advisory. - Improve clients' authentication of IPC servers CVE-2018-16877 - Fix use-after-free with potential information disclosure CVE-2019-3885 - Improve...
Scientific Linux Security Update : pacemaker on SL7.x x86_64 (20190528)
Security Fixes : - pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc CVE-2018-16877 - pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS CVE-2018-16878 - pacemaker: Information disclosure...
RHEL 7 : pacemaker (RHSA-2019:1278)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1278 advisory. The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application...
Important: Red Hat Security Advisory: pacemaker security update
An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
openSUSE: Security Advisory for pacemaker (openSUSE-SU-2019:1400-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : pacemaker (openSUSE-2019-1400)
This update for pacemaker fixes the following issues : Security issues fixed : - CVE-2019-3885: Fixed an information disclosure in log output. bsc1131357 - CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication. bsc1131356 - CVE-2018-16878: Fixed ...
SUSE-SU-2019:1209-1 Security update for pacemaker
This update for pacemaker fixes the following issues: Security issues fixed: - CVE-2019-3885: Fixed an information disclosure in log output. bsc1131357 - CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication. bsc1131356 - CVE-2018-16878: Fixed a...
openSUSE Security Update : pacemaker (openSUSE-2019-1342)
This update for pacemaker fixes the following issues : Security issues fixed : - CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication. bsc1131356 - CVE-2018-16878: Fixed a denial of service through insufficient verification inflicted preference ...
Fedora 29 : pacemaker (2019-b502250ba4)
Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 28 : pacemaker (2019-e71f6f36ac)
Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 30 : pacemaker (2019-e4c8de3fb7)
Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Ubuntu: Security Advisory (USN-3952-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...