10 matches found
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext passwor...
PYSEC-2018-60
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext passwor...
CVE-2018-16859
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext passwor...
Code injection
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext passwor...
CVE-2018-16859
CVE-2018-16859 affects Ansible (Windows) where PowerShell ScriptBlock logging and Module logging can expose become passwords in plaintext in Event Logs when running playbooks. A local administrator can read these logs and obtain the plaintext password. The issue was noted for Ansible Engine 2.8 a...
CVE-2018-16859
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext passwor...
CVE-2018-16859
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext passwor...
CVE-2018-16859
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext passwor...
CVE-2005-2150
CVE-2005-2150 affects Windows NT 4.0 and Windows 2000 prior to URP1 for Windows 2000 SP4. It stems from insufficient handling of NULL sessions over alternate named pipes, enabling anonymous access to certain interfaces (svcctl and eventlog). Exploitation could allow an unauthenticated remote atta...
CVE-2005-2150
Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to 1 list Windows services via svcctl or 2 read eventlogs via eventlog...