13 matches found
Link Following in ansible
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3)...
Ansible: Privilege escalation
Background: Ansible is a radically simple IT automation platform. Description: The create_script function in the lxc_container module of Ansible uses predictable temporary file names, making it vulnerable to a symlink attack. Impact: Local attackers could write arbitrary files or gain escalated...
CVE-2016-3096
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3)...
CVE-2016-3096
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3)...
PYSEC-2016-1
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3)...
Directory traversal
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3)...
CVE-2016-3096
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3)...
CVE-2016-3096
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3)...
CVE-2016-3096
CVE-2016-3096 affects the Ansible lxc_container module: the create_script function allows a local user to write arbitrary files or gain privileges via a symlink attack targeting (1) /opt/.lxc-attach-script, (2) the archived container in archive_path, or (3) lxc-attach-script.log, (4) lxc-attach-s...
MGASA-2016-0163 Updated ansible packages fix CVE-2016-3096
Updated ansible package fixes security vulnerability: A vulnerability was found in lxc_container, an Ansible module, that allows an attacker to get root inside the container. The problem is in the create_script function, which tries to write to /opt/.lxc-attach-script inside of the container. If the attacker can wri...
Updated ansible packages fix CVE-2016-3096
Updated ansible package fixes security vulnerability: A vulnerability was found in lxc_container, an Ansible module, that allows an attacker to get root inside the container. The problem is in the create_script function, which tries to write to /opt/.lxc-attach-script inside of the container. If the attacker can wri...
FreeBSD : ansible -- use of predictable paths in lxc_container (253c6889-06f0-11e6-925f-6805ca0b3d42)
Ansible developers report: CVE-2016-3096: do not use predictable paths in lxc_container - do not use a predictable filename for the LXC attach script - don't use predictable filenames for LXC attach script logging - don't set a predictable archive_path - this should prevent symlink attacks which cou...
ansible -- use of predictable paths in lxc_container
Ansible developers report: CVE-2016-3096: do not use predictable paths in lxc_container - do not use a predictable filename for the LXC attach script - don't use predictable filenames for LXC attach script logging - don't set a predictable archive_path - this should prevent symlink attacks which could resu...