Page 6 of 33 results (0.007 seconds)

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory. La función create_script en el módulo lxc_container en Ansible en versiones anteriores a 1.9.6-1 y 2.x en versiones anteriores a 2.0.2.0 permite a usuarios locales escribir en archivos arbitrarios u obtener privilegios a través de un ataque de enlace simbólicos en (1) /opt/.lxc-attach-script, (2) el contenedor archived en el directorio archive_path, o el (3) lxc-attach-script.log o (4) lxc-attach-script.err files en el directorio temporal. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183103.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183132.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183252.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183274.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184175.html https://bugzilla.redhat.com/show_bug.cgi?id=1322925 https://github.com/ansible/ansible-modules-extras/pull/1941 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Vulnerabilidad en Ansible en versiones anteriores a 1.9.2, no verifica que el hostname del servidor coincida con un nombre de dominio en el Common Name (CN) del sujeto o el campo subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle suplantar servidores SSL a través de un certificado arbitrario válido. • http://lists.opensuse.org/opensuse-updates/2015-07/msg00051.html http://lists.opensuse.org/opensuse-updates/2015-08/msg00029.html http://www.ansible.com/security http://www.openwall.com/lists/oss-security/2015/07/14/4 https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html • CWE-345: Insufficient Verification of Data Authenticity •

CVSS: 9.8EPSS: 13%CPEs: 4EXPL: 0

The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657. La función safe_eval en Ansible versiones anteriores a 1.6.4, no restringe apropiadamente el subconjunto de códigos, lo que permite a atacantes remotos ejecutar código arbitrario por medio de instrucciones diseñadas. NOTA: esta vulnerabilidad se presenta debido a una corrección incompleta del CVE-2014-4657. • https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916 https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ https://security-tracker.debian.org/tracker/CVE-2014-4678 https://www.openwall.com/lists/oss-security/2014/06/26/30 https://www.openwall.com/lists/oss-security/2014/07/02/2 https://www.rapid7.com/db/vulnerabilities/freebsd-vid-2c493ac8-205e-11e5-a4a5-002590263bf5 https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2014-4678 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0

The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. La función safe_eval en Ansible versiones anteriores a 1.5.4, no restringe apropiadamente el subconjunto de código, lo que permite a atacantes remotos ejecutar código arbitrario por medio de instrucciones diseñadas. • https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md https://www.securityfocus.com/bid/68232 • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data. Ansible versiones anteriores a 1.6.7, no impide los datos de inventario con las subcadenas "{{" y "lookup", y no impide los datos remotos con las subcadenas "{{", lo que permite a atacantes remotos ejecutar código arbitrario por medio de (1) llamadas a lookup('pipe') diseñadas o (2) datos Jinja2 diseñados. • http://www.ocert.org/advisories/ocert-2014-004.html https://github.com/ansible/ansible/commit/62a1295a3e08cb6c3e9f1b2a1e6e5dcaeab32527 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •