2310 matches found
UBUNTU-CVE-2015-3010
ceph-deploy before 1.5.23 uses weak permissions 644 for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
PYSEC-2015-2
ceph-deploy before 1.5.23 uses weak permissions 644 for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
CVE-2015-3010
ceph-deploy before 1.5.23 uses weak permissions 644 for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
CVE-2015-3010
CVE-2015-3010 affects the toolset ceph-deploy prior to version 1.5.23. Affected component: the file ceph/ceph.client.admin.keyring; its permissions are weakly set to 644, allowing local users to read the file and obtain sensitive information. The vulnerability is limited to local access with the ...
RHEL 6 / 7 : ceph-deploy (RHSA-2015:1092)
An updated ceph-deploy package that fixes two security issues is now available for Red Hat Ceph Storage. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...
ceph-deploy admin command copies keyring file to /etc/ceph which is world readable
It was discovered that ceph-deploy, a utility for deploying Red Hat Ceph Storage, would create the keyring file with world readable permissions, which could possibly allow a local user to obtain authentication credentials from the keyring file...
ceph-deploy: keyring permissions are world readable in ~ceph
It was discovered that ceph-deploy, a utility for deploying Red Hat Ceph Storage, would create the keyring file with world readable permissions, which could possibly allow a local user to obtain authentication credentials from the keyring file...
Microsoft Internet Explorer CVE-2015-1747 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
CVE-2015-4053
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
CVE-2015-4053
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
Command injection
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
PYSEC-2015-3
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
PYSEC-2015-3
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
UBUNTU-CVE-2015-4053
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
CVE-2015-4053
CVE-2015-4053 affects ceph-deploy prior to 1.5.25, where the admin keyring (/etc/ceph/ceph.client.admin.keyring) is created with world-readable permissions. This allows a local user to read sensitive credentials. Remediation: upgrade ceph-deploy to 1.5.25 or newer (as cited by Red Hat and OSV/GHS...
Fedora 22 : ceph-deploy-1.5.23-1.fc22 (2015-5953)
Update to ceph-deploy 1.5.23. This fixes CVE-2015-3010 keyring permissions are world readable in ceph. See upstream changelog for detailed changes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora 21 : ceph-deploy-1.5.23-1.fc21 (2015-5981)
Update to ceph-deploy 1.5.23. This fixes CVE-2015-3010 keyring permissions are world readable in ceph. See upstream changelog for detailed changes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora Update for ceph-deploy FEDORA-2015-5981
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 21 Update: ceph-deploy-1.5.23-1.fc21
An easy to use admin tool for deploy ceph storage clusters...
[SECURITY] Fedora 22 Update: ceph-deploy-1.5.23-1.fc22
An easy to use admin tool for deploy ceph storage clusters...