72 matches found
glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled
A privilege escalation flaw was found in gluster snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
Denial of Service Vulnerability in Multiple Huawei Switches
Huawei CloudEngine 12800, CloudEngine 6800, CloudEngine 7800, CloudEngine 8800 are Huawei's switch devices. A denial of service vulnerability exists in multiple Huawei switches. Due to improper management of device resources, a remote attacker with certain privileges can exploit the vulnerability...
CentOS 6 : libvirt (CESA-2014:0560)
Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
libvirt security update
CentOS Errata and Security Advisory CESA-2014:0560 Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring Syst...
Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20140527)
It was found that libvirt passes the XMLPARSENOENT flag when parsing XML documents using the libxml2 library, in which case all XML entities in the parsed documents are expanded. A user able to force libvirtd to parse an XML document with an entity pointing to a special file that blocks on read...
Moderate: Red Hat Security Advisory: libvirt security and bug fix update
Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Fedora 17 : openstack-nova-2012.1.3-3.fc17 (2013-1816)
disallow boot from arbitrary volumes CVE-2013-0208 - Disable image cache cleanup to avoid issues with shared storage Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format...
Low: Red Hat Bug Fix Advisory: sanlock bug fix and enhancement update
Updated sanlock packages that fix various bugs and add various enhancements are now available for Red Hat Enterprise Virtualization. The sanlock package provides a shared storage lock manager. Hosts with shared access to a block device or file can use sanlock to synchronize their activities. VDSM...
Scientific Linux Security Update : conga on SL5.x i386/x86_64
A flaw was found in ricci during a code audit. A remote attacker who is able to connect to ricci could cause ricci to temporarily refuse additional connections, a denial of service CVE-2007-4136. Fixes in this updated package include : - The nodename is now set for manual fencing. - The node log ...
conga security, bug fix, and enhancement update
0.10.0-6.el5.0.1 - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. 0.10.0-6 - Fixed bz253783 - Fixed bz253914 conga doesn't allow you to reuse nfs export and nfs client resources - Fixed bz254038 Impossible to set many valid quorum disk configurations via conga -...
Moderate: Red Hat Security Advisory: conga security, bug fix, and enhancement update
Updated conga packages that correct a security flaw and provide bug fixes and add enhancements are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Conga package is a web-based administration tool for remote cluster and storag...
Low: Red Hat Bug Fix Advisory: conga bug fix update
Updated conga packages that provide critical bug fixes are now available. The Conga package is a web-based administration tool for remote cluster and storage management. This erratum applies the following bug fixes: - The borrowed Zope packages used by Conga have been patched to eliminate a...