12 matches found
EUVD-2016-0751
Malware in sbrugna...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149...
CVE-2016-0720
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149...
CVE-2016-0720
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149...
CVE-2016-0720
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149...
pcs: Cross-Site Request Forgery in web UI
A Cross-Site Request Forgery (CSRF) flaw was found in the pcsd web UI. A remote attacker could provide a specially crafted web page that, when visited by a user with a valid pcsd session, would allow the attacker to trigger requests on behalf of the user, for example removing resources or...
pcs: Command injection with root privileges.
A command injection flaw was found in the pcsd web UI. An attacker able to trick a victim that was logged in to the pcsd web UI into visiting a specially crafted URL could use this flaw to execute arbitrary code with root privileges on the server hosting the web UI...
pcs: Incorrect authorization when using pcs web UI
A race condition was found in the way the pcsd web UI backend performed authorization of user requests. An attacker could use this flaw to send a request that would be evaluated as originating from a different user, potentially allowing the attacker to perform actions with permissions of a more...
Scientific Linux Security Update : pcs on SL7.x x86_64 (20150512)
It was found that the pcs daemon did not sign cookies containing session data that were sent to clients connecting via the pcsd web UI. A remote attacker could use this flaw to forge cookies and bypass authorization checks, possibly gaining elevated privileges in the pcsd web UI. (CVE-2015-1848) Th...
pcs, python security update
CentOS Errata and Security Advisory CESA-2015:0980. Updated pcs packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base...
pcs security update
CentOS Errata and Security Advisory CESA-2015:0990. Updated pcs packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base...
Important: Red Hat Security Advisory: pcs security and bug fix update
Updated pcs packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...