Page 47 of 262 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

CVE-2016-7031 – ceph: RGW permits bucket listing when authenticated_users=read

https://notcve.org/view.php?id=CVE-2016-7031

The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL. El código RGW en Ceph en versiones anteriores a 10.0.1, cuando la lectura autenticada ACL es aplicada a un compartimento, permite a atacantes remotos listar el contenido del compartimento a través de una URL. A flaw was found in Ceph RGW code which allows an anonymous user to list contents of RGW bucket by bypassing ACL which should only allow authenticated users to list contents of bucket. • http://docs.ceph.com/docs/master/release-notes/#v10-0-1 http://rhn.redhat.com/errata/RHSA-2016-1972.html http://rhn.redhat.com/errata/RHSA-2016-1973.html http://tracker.ceph.com/issues/13207 http://www.securityfocus.com/bid/93240 https://github.com/ceph/ceph/pull/6057 https://access.redhat.com/security/cve/CVE-2016-7031 https://bugzilla.redhat.com/show_bug.cgi?id=1372446 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •

CVSS: 6.5EPSS: 1%CPEs: 7EXPL: 0

CVE-2016-5009 – crash: mon_command crashes ceph monitors on receiving empty prefix

https://notcve.org/view.php?id=CVE-2016-5009

The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix. La función handle_command en mon/Monitor.cc en Ceph permite a usuarios remotos autenticados provocar un denegación de servicio (fallo de segmentación y caída del monitor ceph) a través de un prefijo (1) vacío o (2) manipulado. A flaw was found in the way handle_command() function would validate prefix value from user. An authenticated attacker could send a specially crafted prefix value resulting in ceph monitor crash. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00126.html http://tracker.ceph.com/issues/16297 https://access.redhat.com/errata/RHSA-2016:1384 https://access.redhat.com/errata/RHSA-2016:1385 https://github.com/ceph/ceph/commit/957ece7e95d8f8746191fd9629622d4457d690d6 https://github.com/ceph/ceph/pull/9700 https://access.redhat.com/security/cve/CVE-2016-5009 https://bugzilla.redhat.com/show_bug.cgi?id=1351453 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 67%CPEs: 81EXPL: 0

CVE-2016-3427 – Oracle Java SE and JRockit Unspecified Vulnerability

https://notcve.org/view.php?id=CVE-2016-3427

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JMX. It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-05 • CWE-284: Improper Access Control •

CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-5242 – swiftonfile: use of insecure Python pickle for metadata serialization and storage

https://notcve.org/view.php?id=CVE-2015-5242

OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python module when loading metadata, which allows remote authenticated users to execute arbitrary code via a crafted extended attribute (xattrs). OpenStack Swift-on-File (también conocido como Swiftonfile) no restringe adecuadamente el uso del módulo Python pickle cuando carga metadatos, lo que permite a usuarios remotos autenticados ejecutar código arbitrario a través de un atributo extendido manipulado (xattrs). A flaw was found in the way swiftonfile (gluster-swift) serialized and stored metadata on disk by using Python's pickle module. A remote, authenticated user could use this flaw to execute arbitrary code on the storage node. • http://rhn.redhat.com/errata/RHSA-2015-1918.html https://access.redhat.com/solutions/1985893 https://bugzilla.redhat.com/show_bug.cgi?id=1258743 https://review.openstack.org/#/c/237994 https://access.redhat.com/security/cve/CVE-2015-5242 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2014-8177 – gluster-swift metadata constraints are not correctly enforced

https://notcve.org/view.php?id=CVE-2014-8177

The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage Server), allows remote authenticated users to bypass the max_meta_count constraint via multiple crafted requests which exceed the limit when combined. El paquete gluster-swift de Red Hat, tal como se utiliza en Red Hat Gluster Storage (anteriormente Red Hat Storage Server), permite a usuarios remotos autenticados eludir la restricción max_meta_count a través de múltiples peticiones manipuladas que exceden el límite cuando se combinan. A flaw was found in the metadata constraints in Red Hat Gluster Storage's OpenStack Object Storage (swiftonfile). By adding metadata in several separate calls, a malicious user could bypass the max_meta_count constraint, and store more metadata than allowed by the configuration. • http://rhn.redhat.com/errata/RHSA-2015-1845.html http://rhn.redhat.com/errata/RHSA-2015-1846.html http://www.openwall.com/lists/oss-security/2015/08/27/5 https://bugzilla.redhat.com/show_bug.cgi?id=1257525 https://access.redhat.com/security/cve/CVE-2014-8177 • CWE-284: Improper Access Control •