17 matches found
SUSE CVE-2018-1088
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
CVE-2018-1088
A privilege escalation flaw was found in gluster snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink. Mitigation To limit exposure of gluster server nodes : 1...
Arbitrary Code Execution
Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Red Ha...
glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled
A privilege escalation flaw was found in gluster snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
CVE-2018-1088
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
CVE-2018-1088
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
Privilege escalation
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
CVE-2018-1088
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
DEBIAN-CVE-2018-1088
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
UBUNTU-CVE-2018-1088
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
CVE-2018-1088
CVE-2018-1088 affects GlusterFS 3.x via the snapshot scheduler: an unauthenticated client could exploit the scheduler to mount shared storage and escalate privileges by scheduling a malicious cronjob via a symlink. The issue is tied to a regression/regression-related chain (CVE-2018-1112) in patc...
CVE-2018-1088
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
CVE-2018-1088
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled
A privilege escalation flaw was found in gluster snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled
A privilege escalation flaw was found in gluster snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink...
PT-2018-3746 · Red Hat +3 · Gluster +3
Name of the Vulnerable Software and Affected Versions: gluster versions 3.x Description: The issue is related to a privilege escalation flaw in the gluster snapshot scheduler, which can be exploited by scheduling a malicious cronjob via symlink. This flaw allows an attacker to escalate privileges...
Important: Red Hat Security Advisory: Red Hat Gluster Storage 3.1 update
Red Hat Gluster Storage 3.1, which fixes multiple security issues, several bugs, and adds various enhancements, is now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...