31 matches found
CVE-2016-7035
CVE-2016-7035 affects Pacemaker prior to 1.1.16, due to an authorization flaw on the IPC interface. An unprivileged local attacker could force the Local Resource Manager daemon to execute a script as root, gaining full euid/root access. The issue is mitigated by upgrading Pacemaker to 1.1.16 or n...
CVE-2016-7035
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...
USN-3462-1: Pacemaker vulnerabilities
Jan Pokorný and Alain Moulle discovered that Pacemaker incorrectly handled the IPC interface. A local attacker could possibly use this issue to execute arbitrary code with root privileges. CVE-2016-7035 Alain Moulle discovered that Pacemaker incorrectly handled authentication. A remote attacker...
USN-3462-1 pacemaker vulnerabilities
Jan Pokorný and Alain Moulle discovered that Pacemaker incorrectly handled the IPC interface. A local attacker could possibly use this issue to execute arbitrary code with root privileges. CVE-2016-7035 Alain Moulle discovered that Pacemaker incorrectly handled authentication. A remote attacker...
pacemaker security update
CentOS Errata and Security Advisory CESA-2016:2614 An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...
RHEL 6 : pacemaker (RHSA-2016:2675)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2675 advisory. The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain...
Important: Red Hat Security Advisory: pacemaker security update
An update for pacemaker is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
pacemaker: Privilege escalation due to improper guarding of IPC communication
An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on th...
RHEL 7 : pacemaker (RHSA-2016:2614)
An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: pacemaker security and bug fix update
An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2016-7035
An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on th...