3 matches found
openstack-tripleo-heat-templates package information disclosure vulnerability
The openstack-triple-heat-templates package is a set of generic template packages that support installation, upgrades, and other operations on the Openstack platform using the Openstack Cloud Facility. A security vulnerability exists in the openstack-tripleo-heat-templates package that stems from...
ceph-deploy weak privilege vulnerability
ceph-deploy is a set of tools for deploying clustered storage systems. ceph-deploy fails to securely create ceph/ceph.client.admin.keyring file permissions, allowing a local attacker to read the file for sensitive information...
UBUNTU-CVE-2015-4053
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...