CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2014-3619 – Mandriva Linux Security Advisory 2015-211
https://notcve.org/view.php?id=CVE-2014-3619
27 Mar 2015 — The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a "00000000" fragment header. La función __socket_proto_state_machine en GlusterFS 3.5 permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de una cabecera de fragmento '00000000'. glusterfs was vulnerable to a fragment header infinite loop denial of service attack. Also, the glusterfsd SysV init script was failing to properly start the servic... • http://advisories.mageia.org/MGASA-2015-0145.html • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-5635 – GlusterFS: insecure temporary file creation
https://notcve.org/view.php?id=CVE-2012-5635
29 Mar 2013 — The GlusterFS functionality in Red Hat Storage Management Console 2.0, Native Client, and Server 2.0 allows local users to overwrite arbitrary files via a symlink attack on multiple temporary files created by (1) tests/volume.rc, (2) extras/hook-scripts/S30samba-stop.sh, and possibly other vectors, different vulnerabilities than CVE-2012-4417. La funcionalidad GlusterFS en Red Hat Storage Management Console v2.0, Native Client, Server 2.0 permite a usuarios locales sobreescribir archivos arbitrarios mediant... • http://rhn.redhat.com/errata/RHSA-2013-0691.html • CWE-264: Permissions, Privileges, and Access Controls CWE-377: Insecure Temporary File •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4417 – GlusterFS: insecure temporary file creation
https://notcve.org/view.php?id=CVE-2012-4417
13 Nov 2012 — GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. GlusterFS v3.3.0, como se usa en Red Hat Storage v2.0, permite a usuarios locales sobreescribir archivos arbitrarios mediante un ataque de enlaces simbólicos en los archivos temporales con nombres predecibles. Red Hat Storage is software only, scale-out storage that provides flexible and affordable unstructured data storage for the enterprise... • http://rhn.redhat.com/errata/RHSA-2012-1456.html • CWE-264: Permissions, Privileges, and Access Controls CWE-377: Insecure Temporary File •