Lucene search
K

422 matches found

RedHat Linux
RedHat Linux
added 2013/07/23 5:44 p.m.35 views

Moderate: Red Hat Security Advisory: ruby193-ruby security update

Updated ruby193-ruby packages that fix one security issue are now available for Red Hat OpenStack 3.0 Grizzly. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

6.8CVSS7AI score0.02767EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2013/07/23 12:0 a.m.53 views

Foreman (Red Hat OpenStack/Satellite) Code Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit4 'Foreman Red Hat OpenStack/Satellite...

6CVSS6.6AI score0.24782EPSS
Exploits5
0day.today
0day.today
added 2013/07/23 12:0 a.m.88 views

Foreman (Red Hat OpenStack/Satellite) Code Injection Vulnerability

This Metasploit module exploits a code injection vulnerability in the 'create' action of 'bookmarks' controller of Foreman and Red Hat OpenStack/Satellite Foreman 1.2.0-RC1 and earlier. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions...

6CVSS7AI score0.24782EPSS
Exploits5
Exploit DB
Exploit DB
added 2013/07/23 12:0 a.m.47 views

Foreman (RedHat OpenStack/Satellite) - bookmarks/create Code Injection (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit4 'Foreman Red Hat OpenStack/Satellite...

6CVSS7AI score0.24782EPSS
Exploits5
Metasploit
Metasploit
added 2013/07/22 6:24 p.m.45 views

Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment

This module exploits a mass assignment vulnerability in the 'create' action of 'users' controller of Foreman and Red Hat OpenStack/Satellite Foreman 1.2.0-RC1 and earlier by creating an arbitrary administrator account. For this exploit to work, your account must have 'createusers' permission e.g....

6CVSS6.9AI score0.20934EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2013/07/16 5:18 p.m.45 views

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.2CVSS6.4AI score0.01022EPSS
Exploits4References14
Metasploit
Metasploit
added 2013/07/16 3:7 p.m.43 views

Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection

This module exploits a code injection vulnerability in the 'create' action of 'bookmarks' controller of Foreman and Red Hat OpenStack/Satellite Foreman 1.2.0-RC1 and earlier. This module requires Metasploit: https://metasploit.com/download Current source:...

6CVSS7.5AI score0.24782EPSS
Exploits5
RedHat Linux
RedHat Linux
added 2013/06/27 4:38 p.m.35 views

Important: Red Hat Security Advisory: Foreman security and bug fix update

Updated Foreman packages that fix two security issues and multiple bugs are now available for Red Hat OpenStack 3.0 Grizzly Preview. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

6CVSS6.2AI score0.24782EPSS
Exploits9References9
NVD
NVD
added 2013/04/10 3:55 p.m.19 views

CVE-2012-6120

Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files...

2.1CVSS5.7AI score0.00387EPSS
Exploits0References1
OSV
OSV
added 2013/04/10 3:55 p.m.3 views

DEBIAN-CVE-2012-6120

Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files...

2.1CVSS6.2AI score0.00387EPSS
Exploits0References1
OSV
OSV
added 2013/04/10 3:55 p.m.9 views

CVE-2012-6120

Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files...

5.6AI score
Exploits0References1
Prion
Prion
added 2013/04/10 3:55 p.m.11 views

Design/Logic Flaw

PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file...

4.4CVSS6.7AI score0.00455EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2013/04/10 3:55 p.m.30 views

CVE-2012-6120

Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files...

2.1CVSS5.9AI score0.00387EPSS
Exploits0References1
Prion
Prion
added 2013/04/10 3:55 p.m.21 views

Code injection

Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files...

2.1CVSS6.1AI score0.00387EPSS
Exploits0References1
CVE
CVE
added 2013/04/10 3:0 p.m.75 views

CVE-2012-6120

CVE-2012-6120 concerns Puppet: Red Hat OpenStack Essex/Folsom created /var/log/puppet with world-readable permissions, enabling local users to access Puppet log files. The Debian DLA-29-1 advisory reiterates the same issue for the Debian puppet package. Affected component: Puppet log directory ha...

2.1CVSS5.6AI score0.00387EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2013/04/10 3:0 p.m.47 views

CVE-2013-1815

CVE-2013-1815 affects PackStack 2012.2.3 in Red Hat OpenStack Essex/Folsom, where the answer file could be created in insecure directories (e.g., /tmp or cwd), enabling local modification of deployed systems. The RHSA-2013:0671 advisory documents the fix: after the update, PackStack creates the a...

6.1CVSS5.3AI score0.00455EPSS
Exploits1References4Affected Software3
Cvelist
Cvelist
added 2013/04/10 3:0 p.m.33 views

CVE-2013-1815 Packstack: red hat openstack: packstack: unauthorized system modification via insecure answer file creation

A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is created in insecure directories such as /tmp or the current working directory. This insecure file creation could lead to unauthorized system modifications...

6.1CVSS6.2AI score0.00455EPSS
Exploits1References4
Cvelist
Cvelist
added 2013/04/10 3:0 p.m.28 views

CVE-2012-6120

Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files...

5.5AI score0.00387EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2013/04/10 3:0 p.m.34 views

CVE-2012-6120

Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files...

2.1CVSS5.7AI score0.00387EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2013/04/04 8:16 p.m.32 views

Important: Red Hat Security Advisory: puppet security update

Updated puppet packages that fix several security issues are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

9CVSS6.3AI score0.04927EPSS
Exploits0References7
Rows per page
Query Builder