CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3704 – pulp: Unsafe use of bash $RANDOM for NSS DB password and seed
https://notcve.org/view.php?id=CVE-2016-3704
Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords. Pulp en sus versiones anteriores a 2.8.5 usa la varible $RANDOM del bash de manera insegura para la generación de contraseñas. Pulp makes unsafe use of Bash's $RANDOM to generate a NSS DB password and seed resulting in insufficient randomness. An attacker could potentially guess the seed used given enough time and compute resources. • https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=1330264 https://docs.pulpproject.org/user-guide/release-notes/2.8.x.html#pulp-2-8-5 https://github.com/pulp/pulp/blob/pulp-2.8.2-1/server/bin/pulp-qpid-ssl-cfg#L25 https://github.com/pulp/pulp/blob/pulp-2.8.2-1/server/bin/pulp-qpid-ssl-cfg#L97-L105 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YM2LCC7QBRCK4LTN5EZT5OHTVAR3MYTY https:&# • CWE-255: Credentials Management Errors CWE-330: Use of Insufficiently Random Values •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3696 – pulp: Leakage of CA key in pulp-qpid-ssl-cfg
https://notcve.org/view.php?id=CVE-2016-3696
The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users to obtain the CA key. El script pulp-qpid-ssl-cfg en Pulp anterior a la versión 2.8.5 permite a usuarios locales obtener la clave de autoridad de certificación. It was found that the private CA key was created in a directory that is world-readable for a small amount of time. A local user could possibly use this flaw to gain access to the private key information in the file. • https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=1328930 https://docs.pulpproject.org/user-guide/release-notes/2.8.x.html#pulp-2-8-5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YM2LCC7QBRCK4LTN5EZT5OHTVAR3MYTY https://pulp.plan.io/issues/1854 https://access.redhat.com/security/cve/CVE-2016-3696 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2016-3095
https://notcve.org/view.php?id=CVE-2016-3095
server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local users to read the generated private key. El archivo server/bin/pulp-gen-ca-certificate en Pulp anterior a versión 2.8.2, permite a los usuarios locales leer la clave privada generada. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182006.html http://www.openwall.com/lists/oss-security/2016/04/06/3 http://www.openwall.com/lists/oss-security/2016/04/18/11 https://bugzilla.redhat.com/show_bug.cgi?id=1322706 https://github.com/pulp/pulp/pull/2503/commits/9f969b94c4b4f310865455d36db207de6cffebca • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3112
https://notcve.org/view.php?id=CVE-2016-3112
client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user. client/consumer/cli.py en Pulp, en versiones anteriores a la 2.8.3, escribe claves privadas del usuario en etc/pki/pulp/consumer/consumer-cert.pem de forma legible para todos los usuarios, lo que permite que usuarios autenticados remotos obtengan las claves privadas de los consumidores y eleven privilegios mediante la lectura de /etc/pki/pulp/consumer/consumer-cert y autenticándose como el usuario consumidor. • http://www.openwall.com/lists/oss-security/2016/05/20/1 https://access.redhat.com/errata/RHBA-2016:1501 https://bugzilla.redhat.com/attachment.cgi?id=1146538 https://bugzilla.redhat.com/show_bug.cgi?id=1326242 https://pulp.plan.io/issues/1834 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3111
https://notcve.org/view.php?id=CVE-2016-3111
pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before later modifying the permissions, which might allow local users to read the generated RSA keys via reading the key files while the installation process is running. pulp.spec en el proceso de instalación para Pulp 2.8.3 genera pares de claves RSA empleadas para validar mensajes entre el servidor pulp y los usuarios de pulp en un directorio que puede ser leído por cualquier usuario antes de modificar los permisos. Esto puede permitir que los usuarios locales lean las claves RSA generadas mediante la lectura de archivos de claves mientras se está ejecutando el proceso de instalación. • http://pkgs.fedoraproject.org/cgit/rpms/pulp.git/tree/pulp.spec#n317 http://pkgs.fedoraproject.org/cgit/rpms/pulp.git/tree/pulp.spec#n620 http://www.openwall.com/lists/oss-security/2016/05/20/1 https://access.redhat.com/errata/RHBA-2016:1501 https://bugzilla.redhat.com/attachment.cgi?id=1146522 https://bugzilla.redhat.com/show_bug.cgi?id=1326251 https://github.com/pulp/pulp/blob/master/pulp.spec#L473-L486 https://github.com/pulp/pulp/blob/master/pulp.spec#L894-L • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •