24 matches found
MiracleLinux 7 : pacemaker-1.1.19-8.el7.5 (AXSA:2019-3935:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3935:04 advisory. pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc CVE-2018-16877 pacemaker: Insufficient...
Alibaba Cloud Linux 3 : 0004: pacemaker (ALINUX3-SA-2021:0004)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0004 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-3885: A use-after-free flaw was...
Linux Distros Unpatched Vulnerability : CVE-2019-3885
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system...
Security Bulletin: IBM MQ Appliance is affected by Pacemaker vulnerabilities (CVE-2018-16878, CVE-2018-16877, CVE-2019-3885)
Summary IBM MQ Appliance has resolved Pacemaker vulnerabilities. Vulnerability Details CVEID: CVE-2018-16878 DESCRIPTION: Pacemaker is vulnerable to a denial of service, caused by an insufficient verification inflicted preference of uncontrolled processes. A remote attacker could exploit this...
Security Bulletin: IBM MQ is affected by multiple vulnerabilities in Pacemaker
Summary Multiple vulnerabilities were identified in the Pacemaker component that is bundled with IBM MQ Advanced for use by replicated data queue managers RDQM. Vulnerability Details CVEID: CVE-2018-16878 DESCRIPTION: Pacemaker is vulnerable to a denial of service, caused by an insufficient...
Amazon Linux 2 : pacemaker (ALAS-2019-1275)
A flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS. CVE-2018-16878 A use-after-free flaw was found in pacemaker which could result in certain sensitive information to be leaked via the system logs. CVE-2019-3885 A flaw was...
Important: pacemaker
Issue Overview: A flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS. CVE-2018-16878 A use-after-free flaw was found in pacemaker which could result in certain sensitive information to be leaked via the system logs. CVE-2019-38...
Oracle Linux 8 : pacemaker (ELSA-2019-1279)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-1279 advisory. - Improve clients' authentication of IPC servers CVE-2018-16877 - Fix use-after-free with potential information disclosure CVE-2019-3885 - Improve...
Scientific Linux Security Update : pacemaker on SL7.x x86_64 (20190528)
Security Fixes : - pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc CVE-2018-16877 - pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS CVE-2018-16878 - pacemaker: Information disclosure...
RHEL 7 : pacemaker (RHSA-2019:1278)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1278 advisory. The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application...
Important: Red Hat Security Advisory: pacemaker security update
An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
openSUSE: Security Advisory for pacemaker (openSUSE-SU-2019:1400-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : pacemaker (openSUSE-2019-1400)
This update for pacemaker fixes the following issues : Security issues fixed : - CVE-2019-3885: Fixed an information disclosure in log output. bsc1131357 - CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication. bsc1131356 - CVE-2018-16878: Fixed ...
SUSE-SU-2019:1209-1 Security update for pacemaker
This update for pacemaker fixes the following issues: Security issues fixed: - CVE-2019-3885: Fixed an information disclosure in log output. bsc1131357 - CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication. bsc1131356 - CVE-2018-16878: Fixed a...
Fedora 29 : pacemaker (2019-b502250ba4)
Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 28 : pacemaker (2019-e71f6f36ac)
Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 30 : pacemaker (2019-e4c8de3fb7)
Security fix for CVE-2019-3885, CVE-2018-16877, CVE-2018-16878 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Ubuntu: Security Advisory (USN-3952-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3952-1: Pacemaker vulnerabilities
Jan Pokorný discovered that Pacemaker incorrectly handled client-server authentication. A local attacker could possibly use this issue to escalate privileges. CVE-2018-16877 Jan Pokorný discovered that Pacemaker incorrectly handled certain verifications. A local attacker could possibly use this...
CVE-2019-3885
A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs...