CVE-2024-5651 Fence-agents-remediation: fence agent command line options leads to remote code execution

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...

CVE-2024-5651

CVE-2024-5651 affects the Fence Agents Remediation Operator. A flaw in handling --ssh-path/--telnet-path arguments enables Remote Code Execution, allowing a low-privilege user to craft a FenceAgentsRemediation that executes arbitrary commands on the operator pod, escalating from the operator’s se...

Denial Of Service (DoS)

fence-agent is vulnerable to denial of service. This vulnerability existed where using non-ASCII characters in a guest VM's comment or other fields would cause fencerhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying...

openSUSE: Security Advisory for fence-agents (openSUSE-SU-2019:1751-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2019:1751-1 Security update for fence-agents

This update for fence-agents version 4.4.0 fixes the following issues: Security issue fixed: - CVE-2019-10153: Fixed a denial of service via guest VM comments bsc1137314. Non-security issue fixed: - Added aliyun fence agent bsc1139913. This update was imported from the SUSE:SLE-15-SP1:Update upda...

Security update for fence-agents (low)

openSUSE Security Update: Security update for fence-agents Announcement ID: openSUSE-SU-2019:1751-1 Rating: low References: 1137314 1139913 Cross-References: CVE-2019-10153 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available...

SUSE-SU-2019:1809-1 Security update for fence-agents

This update for fence-agents version 4.4.0 fixes the following issues: Security issue fixed: - CVE-2019-10153: Fixed a denial of service via guest VM comments bsc1137314. Non-security issue fixed: - Added aliyun fence agent bsc1139913...

RHEL 5 : cman (RHSA-2009:1341)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1341 advisory. The Cluster Manager cman utility provides services for managing a Linux cluster. Multiple insecure temporary file use flaws were found in...

CentOS Update for luci CESA-2013:0128 centos5

Check for the Version of luci OpenVAS Vulnerability Test CentOS Update for luci CESA-2013:0128 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

luci, ricci security update

CentOS Errata and Security Advisory CESA-2013:0128 Updated conga packages that fix one security issue, multiple bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common...

Scientific Linux Security Update : fence on SL4.x i386/x86_64

Insecure temporary file use flaws were found in fenceegenera, fenceapc, and fenceapcsnmp. A local attacker could use these flaws to overwrite an arbitrary file writable by the victim running those utilities via a symbolic link attack. CVE-2008-4192, CVE-2008-4579 This update also fixes the...

Scientific Linux Security Update : cman on SL5.x i386/x86_64

Multiple insecure temporary file use flaws were found in fenceapcsnmp and ccstool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities typically root with the output of the utilities via a symbolic link attack. CVE-2008-4579,...

CentOS Update for cman CESA-2009:1341 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Low: Red Hat Security Advisory: fence security, bug fix, and enhancement update

An updated fence package that fixes multiple security issues, several bugs, and adds two enhancements is now available for Red Hat Cluster Suite 4. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which...

cman/fence: insecure temporary file usage in the egenera fence agent

The pservershutdown function in fenceegenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file...

cman/fence: insecure temporary file usage in the egenera fence agent

The pservershutdown function in fenceegenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file...

CentOS 5 : cman (CESA-2009:1341)

Updated cman packages that fix several security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. The Cluster Manager cman utility provides services for...

cman security, bug fix, and enhancement update

2.0.115-1 - RSA II fencing agent has been fixed. - Resolves: rhbz493802 2.0.114-1 - local variable 'verbosefilename' referenced before assignment has been fixed - RSA II fencing agent has been fixed. - Resolves: rhbz493802 rhbz514758 2.0.113-1 - Limitations with 2-node fencescsi are now properly...

Low: Red Hat Security Advisory: cman security, bug fix, and enhancement update

Updated cman packages that fix several security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. The Cluster Manager cman utility provides services for...