745 matches found
RHEL 7 : pacemaker (RHSA-2015:2383)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:2383 advisory. The Pacemaker Resource Manager is a collection of technologies working together to provide data integrity and the ability to maintain application...
pacemaker: acl read-only access allow role assignment
A flaw was found in the way pacemaker, a cluster resource manager, evaluated added nodes in certain situations. A user with read-only access could potentially assign any other existing roles to themselves and then add privileges to other users as well...
Moderate: Red Hat Security Advisory: pacemaker security, bug fix, and enhancement update
Updated pacemaker packages that fix one security issue, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
[SECURITY] Fedora 21 Update: pacemaker-1.1.13-3.fc21
Pacemaker is an advanced, scalable High-Availability cluster resource manager for Corosync, CMAN and/or Linux-HA. It supports more than 16 node clusters with significant capabilities for managing resources and dependencies. It will run scripts at initialization, when machines go up or down, when...
[SECURITY] Fedora 23 Update: pacemaker-1.1.13-3.fc23
Pacemaker is an advanced, scalable High-Availability cluster resource manager for Corosync, CMAN and/or Linux-HA. It supports more than 16 node clusters with significant capabilities for managing resources and dependencies. It will run scripts at initialization, when machines go up or down, when...
CVE-2011-5271
Pacemaker before 1.1.6 configure script creates temporary files insecurely...
[SECURITY] Fedora 22 Update: pacemaker-1.1.13-3.fc22
Pacemaker is an advanced, scalable High-Availability cluster resource manager for Corosync, CMAN and/or Linux-HA. It supports more than 16 node clusters with significant capabilities for managing resources and dependencies. It will run scripts at initialization, when machines go up or down, when...
Oracle: Security Advisory (ELSA-2013-1635)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 21 Update: pcs-0.9.137-5.fc21
pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and created pacemaker based clusters...
[SECURITY] Fedora 22 Update: pcs-0.9.139-7.fc22
pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and created pacemaker based clusters...
PCS pcsd web UI OS Command Injection Vulnerability
PCS is a set of tools for configuring and managing Pacemaker and Corosync clustering software using the command line and web UI. A security vulnerability exists in the pcsd web UI in PCS 0.9.139 and earlier versions. The vulnerability can be exploited by a remote attacker to execute arbitrary...
PCS pcsd competitive conditions loophole
PCS is a set of tools for configuring and managing Pacemaker and Corosync clustering software using the command line and web UI. A competitive condition vulnerability exists in PCS 0.9.139 and prior versions of pcsd that stems from the program's use of global variables to validate usernames. A...
pcs, python security update
CentOS Errata and Security Advisory CESA-2015:1700 Updated pcs packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores,...
Important: Red Hat Security Advisory: pcs security update
Updated pcs packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available f...
CVE-2015-1867
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command...
CVE-2015-1867
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command...
Command injection
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command...
CVE-2015-1867
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command...
CVE-2015-1867
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command...
CVE-2015-1867
CVE-2015-1867 affects Pacemaker up to version 1.1.13. The flaw arises when evaluating added nodes, enabling remote read-only users to gain privileges via an acl command. MiracleLinux advisories and other Nessus plugins link this CVE to Pacemaker releases up to 1.1.13 (and fixes in that version). ...