CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1127 – tendrl-api: Improper cleanup of session token can allow attackers to hijack user sessions
https://notcve.org/view.php?id=CVE-2018-1127
04 Sep 2018 — Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out. Session tokens remain active for a few minutes allowing attackers to replay tokens acquired via sniffing/MITM attacks and authenticate as the target user. Tendrl API en Red Hat Gluster Storage en versiones anteriores a la 3.4.0 no elimina inmediatamente los tokens de sesión una vez el usuario ha cerrado sesión. Los tokens de sesión siguen activos durante unos pocos minutos, lo que permite que... • http://www.securitytracker.com/id/1041597 • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2018-10875 – ansible: ansible.cfg is being read from current working directory allowing possible code execution
https://notcve.org/view.php?id=CVE-2018-10875
10 Jul 2018 — A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code. Se ha encontrado un error en ansible. ansible.cfg se lee desde el directorio de trabajo actual, que puede alterarse para hacer que señale a un plugin o una ruta de módulo bajo el control de un atacante, permitiendo que el atacante ejecute código arbitrario. It was found th... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html • CWE-426: Untrusted Search Path •
CVSS: 8.3EPSS: 5%CPEs: 7EXPL: 1CVE-2018-1088 – glusterfs: Privilege escalation via gluster_shared_storage when snapshot scheduling is enabled
https://notcve.org/view.php?id=CVE-2018-1088
18 Apr 2018 — A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink. Se ha encontrado un error de escalado de privilegios en el programador de capturas en gluster, en versiones 3.x. Cualquier cliente gluster al que se le permita montar volúmenes de gluster también podría montar un volumen de almacenamiento compartido de gluster y escalar ... • https://github.com/MauroEldritch/GEVAUDAN • CWE-266: Incorrect Privilege Assignment •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2015-1777
https://notcve.org/view.php?id=CVE-2015-1777
12 Apr 2018 — rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 2.1 and Enterprise Linux (RHEL) 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle attack. rhnreg_ks en Red Hat Network Client Tools (también conocido como rhn-client-tools) en Red Hat Gluster Storage 2.1 y Enterprise Linux (RHEL) 5, 6 y 7 no valida correctamente los nombres de host en los certif... • http://www.openwall.com/lists/oss-security/2015/03/04/7 • CWE-295: Improper Certificate Validation •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-15085 – samba: Some code path don't enforce smb signing, when they should (incomplete fix of CVE-2017-12150)
https://notcve.org/view.php?id=CVE-2017-15085
02 Nov 2017 — It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. Se descubrió que la solución para CVE-2017-12150 no se subió correctamente en la errata RHSA-2017:2858 para Red Hat Gluster Storage 3.3 para RHEL 6. Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Se... • http://www.securityfocus.com/bid/101554 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2017-15086 – samba: SMB2 connections don't keep encryption across DFS redirects (incomplete fix of CVE-2017-12151)
https://notcve.org/view.php?id=CVE-2017-15086
02 Nov 2017 — It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. Se descubrió que la solución para CVE-2017-12151 no se subió correctamente en la errata RHSA-2017:2858 para Red Hat Gluster Storage 3.3 para RHEL 6. Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Se... • http://www.securityfocus.com/bid/101555 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-15087 – samba: Server memory information leak over SMB1 (incomplete fix for CVE-2017-12163)
https://notcve.org/view.php?id=CVE-2017-15087
02 Nov 2017 — It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. Se descubrió que la solución para CVE-2017-12163 no se subió correctamente en la errata RHSA-2017:2858 para Red Hat Gluster Storage 3.3 para RHEL 6. Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Se... • http://www.securityfocus.com/bid/101556 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.4EPSS: 22%CPEs: 14EXPL: 0CVE-2017-12150 – samba: Some code path don't enforce smb signing, when they should
https://notcve.org/view.php?id=CVE-2017-12150
21 Sep 2017 — It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. Se ha descubierto que Samba en versiones anteriores a la 4.4.16, versiones 4.5.x anteriores a la 4.5.14 y versiones 4.6.x anteriores a la 4.6.8 no cumple "SMB signing" cuando están habilitadas determinadas opciones de configuración. Un atacante remoto ... • http://www.securityfocus.com/bid/100918 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 7.1EPSS: 19%CPEs: 14EXPL: 0CVE-2017-12163 – Samba: Server memory information leak over SMB1
https://notcve.org/view.php?id=CVE-2017-12163
21 Sep 2017 — An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. Se ha descubierto una vulnerabilidad de fuga de información en la manera en la que Samba, en versiones anteriores a la 4.4.16, versiones 4.5.x anteriores a la 4.5.14 y... • http://www.securityfocus.com/bid/100925 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 3%CPEs: 16EXPL: 0CVE-2017-7481 – ansible: Security issue with lookup return not tainting the jinja2 environment
https://notcve.org/view.php?id=CVE-2017-7481
18 May 2017 — Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated. Ansible en versiones anteriores a la 2.3.1.0 y 2.4.0.0 no marca correctamente los resultados del plugin lookup como no seguros. Si un atacante pudiese c... • http://www.securityfocus.com/bid/98492 • CWE-20: Improper Input Validation •