251 matches found
Design/Logic Flaw
A flaw was found in RPC request using gfs3renamereq in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume...
CVE-2018-10930
A flaw was found in RPC request using gfs3renamereq in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume...
CVE-2018-10930
A flaw was found in RPC request using gfs3renamereq in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume...
Design/Logic Flaw
A flaw was found in RPC request using gfs2createreq in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes...
CVE-2018-10929
A flaw was found in RPC request using gfs2createreq in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes...
CVE-2018-10929
A flaw was found in RPC request using gfs2createreq in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes...
CVE-2018-10929
CVE-2018-10929 affects GlusterFS (server side), where an authenticated attacker could exploit improper validation in the RPC path (gfs2_create_req) to create arbitrary files and potentially execute arbitrary code on storage server nodes. Connected advisories reference multiple vendors (Debian, Re...
CVE-2018-10930
CVE-2018-10930 affects GlusterFS server: an authenticated attacker can misuse RPC gfs3_rename_req to write outside the gluster volume. Affected product variant shown in connected docs is PowerKVM 3.1; remediation provided via updates to GlusterFS (e.g., Red Hat/CentOS advisories and Debian LTS no...
CVE-2018-10930
A flaw was found in RPC request using gfs3renamereq in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume...
CVE-2018-10929
A flaw was found in RPC request using gfs2createreq in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes...
Path traversal
A flaw was found in RPC request using gfs3mknodreq supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node...
CVE-2018-10927
A flaw was found in RPC request using gfs3lookupreq in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process...
CVE-2018-10928
A flaw was found in RPC request using gfs3symlinkreq in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on...
CVE-2018-10927
A flaw was found in RPC request using gfs3lookupreq in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process...
CVE-2018-10926
A flaw was found in RPC request using gfs3mknodreq supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node...
CVE-2018-10926
A flaw was found in RPC request using gfs3mknodreq supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node...
Design/Logic Flaw
A flaw was found in RPC request using gfs3lookupreq in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process...
Design/Logic Flaw
A flaw was found in RPC request using gfs3symlinkreq in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on...
CVE-2018-10927
A flaw was found in RPC request using gfs3lookupreq in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process...
CVE-2018-10926
A flaw was found in RPC request using gfs3mknodreq supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node...