CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2014-4657 – Gentoo Linux Security Advisory 201411-09
https://notcve.org/view.php?id=CVE-2014-4657
24 Nov 2014 — The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. La función safe_eval en Ansible versiones anteriores a 1.5.4, no restringe apropiadamente el subconjunto de código, lo que permite a atacantes remotos ejecutar código arbitrario por medio de instrucciones diseñadas. Multiple vulnerabilities have been found in Ansible which may allow local privilege escalation. Versions less than 1.6.8 ar... • https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 4%CPEs: 4EXPL: 0CVE-2014-4678 – Gentoo Linux Security Advisory 201411-09
https://notcve.org/view.php?id=CVE-2014-4678
24 Nov 2014 — The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657. La función safe_eval en Ansible versiones anteriores a 1.6.4, no restringe apropiadamente el subconjunto de códigos, lo que permite a atacantes remotos ejecutar código arbitrario por medio de instrucciones diseñadas. NOTA: esta vulnerabilidad se presenta debi... • https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2014-4966 – Gentoo Linux Security Advisory 201411-09
https://notcve.org/view.php?id=CVE-2014-4966
22 Jul 2014 — Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data. Ansible versiones anteriores a 1.6.7, no impide los datos de inventario con las subcadenas "{{" y "lookup", y no impide los datos remotos con las subcadenas "{{", lo que permite a atacantes remotos ejecutar código arbitrario por medio de (1) llamad... • http://www.ocert.org/advisories/ocert-2014-004.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2014-4967 – Gentoo Linux Security Advisory 201411-09
https://notcve.org/view.php?id=CVE-2014-4967
22 Jul 2014 — Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing " src=" clause, (2) a trailing " temp=" clause, or (3) a trailing " validate=" clause accompanied by a shell command. Múltiples vulnerabilidades de inyección de argumentos en Ansible versiones anteriores a 1.6.7, permiten a atacantes remotos ejecutar código arbitrario al... • http://www.ocert.org/advisories/ocert-2014-004.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-4259
https://notcve.org/view.php?id=CVE-2013-4259
16 Sep 2013 — runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/. runner/connection_plugins/ssh.py en Ansible anteriores a v1.2.3 al usar ControlPersist, permite a usuarios locales redirigir una sesión ssh a través de un ataque de enlaces simbólicos sobre un archivo de socket con un nombre predecible en /tmp/. • http://www.ansible.com/security • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2013-4260
https://notcve.org/view.php?id=CVE-2013-4260
16 Sep 2013 — lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/. lib/ansible/playbook/__init__.py en Ansible 1.2.x (anteriores a 1.2.3), cuando playbook no funciona debido a un error, permite a usuarios locales sobreescribir archivos a discrección a través de un ataque symlink en un archivo de reintento con un nombre predecible en /var/... • http://www.ansible.com/security • CWE-264: Permissions, Privileges, and Access Controls •