15 matches found
EUVD-2015-1953
Malware in sbrugna...
EUVD-2016-6672
Malware in sbrugna...
RHEL 7 : openstack-puppet-modules (RHSA-2017:0359)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:0359 advisory. openstack-puppet-modules provides a collection of Puppet modules which Red Hat OpenStack Platform director uses to install and configure OpenStack...
RHEL 6 : openstack-packstack and openstack-puppet-modules update (Important) (RHSA-2015:0832)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0832 advisory. PackStack is a command-line utility for deploying OpenStack on existing servers over an SSH connection. Deployment options are provided either...
RHSA-2015:0831 Red Hat Security Advisory: openstack-packstack and openstack-puppet-modules update
Bulletin has no description...
RHSA-2015:0789 Red Hat Security Advisory: openstack-packstack and openstack-puppet-modules security and bug fix update
Bulletin has no description...
RHSA-2017:0359 Red Hat Security Advisory: openstack-puppet-modules security update
Bulletin has no description...
RHSA-2017:0361 Red Hat Security Advisory: openstack-puppet-modules security update
Bulletin has no description...
Cross site scripting
The Gerrit configuration in the Openstack Puppet module for Gerrit aka puppet-gerrit improperly marks text/html as a safe mimetype, which might allow remote attackers to conduct cross-site scripting XSS attacks via a crafted review...
PT-2017-8755
Name of the Vulnerable Software and Affected Versions Openstack Puppet module for Gerrit affected versions not specified Description The issue is related to the Gerrit configuration in the Openstack Puppet module, where text/html is improperly marked as a safe mimetype. This could potentially all...
openstack-puppet-modules: pacemaker configured with default password
It was discovered that the puppet manifests, as provided with the openstack-puppet-modules package, would configure the pcsd daemon with a known default password. If this password was not changed and an attacker was able to gain access to pcsd, they could potentially run shell commands as root...
openstack-puppet-modules: pacemaker configured with default password
It was discovered that the puppet manifests, as provided with the openstack-puppet-modules package, would configure the pcsd daemon with a known default password. If this password was not changed and an attacker was able to gain access to pcsd, they could potentially run shell commands as root...
CVE-2015-1842
The puppet manifests in the Red Hat openstack-puppet-modules package before 2014.2.13-2 uses a default password of CHANGEME for the pcsd daemon, which allows remote attackers to execute arbitrary shell commands via unspecified vectors...
Default credentials
The puppet manifests in the Red Hat openstack-puppet-modules package before 2014.2.13-2 uses a default password of CHANGEME for the pcsd daemon, which allows remote attackers to execute arbitrary shell commands via unspecified vectors...
CVE-2015-1842
CVE-2015-1842 relates to Red Hat OpenStack modules where the puppet manifests in the openstack-puppet-modules package were configured with a known default password for the pcsd daemon (CHANGEME). If this password is not changed and an attacker can access pcsd remotely, they could execute arbitrar...