CVE-2016-7035

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

CVE-2016-7035

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

DEBIAN-CVE-2016-7035

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

CVE-2016-7035

CVE-2016-7035 affects Pacemaker prior to 1.1.16, due to an authorization flaw on the IPC interface. An unprivileged local attacker could force the Local Resource Manager daemon to execute a script as root, gaining full euid/root access. The issue is mitigated by upgrading Pacemaker to 1.1.16 or n...

CVE-2016-7035

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

CVE-2016-7035

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain roo...

pcs security update

CentOS Errata and Security Advisory CESA-2018:1927 An update for pcs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Moderate: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CentOS Update for pcs CESA-2018:1060 centos7

Check the version of pcs SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882895";...

CentOS 7 : pcs (CESA-2018:1060)

An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

pcs security update

CentOS Errata and Security Advisory CESA-2018:1060 An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVE-2017-12714

Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of correctly formatted "RF wake-up" commands that can be received, which may allow a nearby attacker to repeatedly send commands to reduce pacemaker battery life. CVSS v3 base score: 5.3, CVSS...

CVE-2017-12712

The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3...

Medicine pumps & Pacemaker threat as Dr’s simulate hacked overdose

By Waqas Doctors Demonstrate Dangers of Hacked Medicine Pumps By Simulating Emergency This is a post from HackRead.com Read the original post: Medicine pumps & Pacemaker threat as Dr’s simulate hacked overdose...

[SECURITY] Fedora 27 Update: pcs-0.9.164-1.fc27

pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters...

[SECURITY] Fedora 26 Update: pcs-0.9.160-2.fc26

pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters...

[SECURITY] Fedora 28 Update: pcs-0.9.164-1.fc28

pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters...

Debian DSA-4169-1 : pcs - security update

Cedric Buissart from Red Hat discovered an information disclosure bug in pcs, a pacemaker command line interface and GUI. The REST interface normally doesn't allow passing --debug parameter to prevent information leak, but the check wasn't sufficient. C Tenable Network Security, Inc. The...

Ubuntu 14.04 LTS / 16.04 LTS : Pacemaker vulnerabilities (USN-3462-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3462-1 advisory. Jan Pokorn and Alain Moulle discovered that Pacemaker incorrectly handled the IPC interface. A local attacker could possibly use this issue t...

Ubuntu: Security Advisory (USN-3462-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...