CVE-2020-25654 – pacemaker: ACL restrictions bypass
https://notcve.org/view.php?id=CVE-2020-25654
An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that ACLs would prevent them from doing if they went through the configuration.
An ACL bypass flaw was found in Pacemaker. This flaw allows an attacker with a local account on the cluster and in the haclient group to use IPC communication with various daemons to directly perform certain tasks that would be prevented if they had gone through configured ACLs.
• https://bugzilla.redhat.com/show_bug.cgi?id=1888191
• https://lists.clusterlabs.org/pipermail/users/2020-October/027840.html
• https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html
• https://seclists.org/oss-sec/2020/q4/83
• https://security.gentoo.org/glsa/202309-09
• https://access.redhat.com/security/cve/CVE-2020-25654
• CWE-284: Improper Access Control
CVE-2014-0104
https://notcve.org/view.php?id=CVE-2014-0104
fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script, which can potentially allow man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates.
• https://access.redhat.com/security/cve/cve-2014-0104
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0104
• https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-0104
• https://security-tracker.debian.org/tracker/CVE-2014-0104
• CWE-295: Improper Certificate Validation
CVE-2011-5271
https://notcve.org/view.php?id=CVE-2011-5271
The configure script in Pacemaker before 1.1.6 creates temporary files insecurely.
• http://www.openwall.com/lists/oss-security/2014/02/11/1
• http://www.securityfocus.com/bid/65472
• https://exchange.xforce.ibmcloud.com/vulnerabilities/91120
• https://security-tracker.debian.org/tracker/CVE-2011-5271
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2019-10153 – fence-agents: mis-handling of non-ASCII characters in guest comment fields
https://notcve.org/view.php?id=CVE-2019-10153
A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could prevent automated recovery or otherwise deny service to clusters of which that VM is a member.
• https://access.redhat.com/errata/RHSA-2019:2037
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10153
• https://github.com/ClusterLabs/fence-agents/pull/255
• https://github.com/ClusterLabs/fence-agents/pull/272
• https://access.redhat.com/security/cve/CVE-2019-10153
• https://bugzilla.redhat.com/show_bug.cgi?id=1716286
• CWE-172: Encoding Error
CVE-2019-12779 – libqb: Insecure treatment of IPC (temporary) files
https://notcve.org/view.php?id=CVE-2019-12779
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.
• http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00017.html
• http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00027.html
• http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00031.html
• http://www.securityfocus.com/bid/108691
• https://access.redhat.com/errata/RHSA-2019:3610
• https://bugzilla.redhat.com/show_bug.cgi?id=1695948
• https://github.com/ClusterLabs/libqb/issues/338
• https://github.com/ClusterLabs/libqb/releases/tag/v1.0.4
• https://github.co
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
• CWE-377: Insecure Temporary File