CVE-2015-3908
https://notcve.org/view.php?id=CVE-2015-3908
Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Vulnerabilidad en Ansible en versiones anteriores a 1.9.2, no verifica que el hostname del servidor coincida con un nombre de dominio en el Common Name (CN) del sujeto o el campo subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle suplantar servidores SSL a través de un certificado arbitrario válido. • http://lists.opensuse.org/opensuse-updates/2015-07/msg00051.html http://lists.opensuse.org/opensuse-updates/2015-08/msg00029.html http://www.ansible.com/security http://www.openwall.com/lists/oss-security/2015/07/14/4 https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html • CWE-345: Insufficient Verification of Data Authenticity •
CVE-2014-4678
https://notcve.org/view.php?id=CVE-2014-4678
The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657. La función safe_eval en Ansible versiones anteriores a 1.6.4, no restringe apropiadamente el subconjunto de códigos, lo que permite a atacantes remotos ejecutar código arbitrario por medio de instrucciones diseñadas. NOTA: esta vulnerabilidad se presenta debido a una corrección incompleta del CVE-2014-4657. • https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916 https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ https://security-tracker.debian.org/tracker/CVE-2014-4678 https://www.openwall.com/lists/oss-security/2014/06/26/30 https://www.openwall.com/lists/oss-security/2014/07/02/2 https://www.rapid7.com/db/vulnerabilities/freebsd-vid-2c493ac8-205e-11e5-a4a5-002590263bf5 https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2014-4678 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVE-2014-4657
https://notcve.org/view.php?id=CVE-2014-4657
The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. La función safe_eval en Ansible versiones anteriores a 1.5.4, no restringe apropiadamente el subconjunto de código, lo que permite a atacantes remotos ejecutar código arbitrario por medio de instrucciones diseñadas. • https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md https://www.securityfocus.com/bid/68232 • CWE-20: Improper Input Validation •
CVE-2014-4966
https://notcve.org/view.php?id=CVE-2014-4966
Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data. Ansible versiones anteriores a 1.6.7, no impide los datos de inventario con las subcadenas "{{" y "lookup", y no impide los datos remotos con las subcadenas "{{", lo que permite a atacantes remotos ejecutar código arbitrario por medio de (1) llamadas a lookup('pipe') diseñadas o (2) datos Jinja2 diseñados. • http://www.ocert.org/advisories/ocert-2014-004.html https://github.com/ansible/ansible/commit/62a1295a3e08cb6c3e9f1b2a1e6e5dcaeab32527 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVE-2014-4967
https://notcve.org/view.php?id=CVE-2014-4967
Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing " src=" clause, (2) a trailing " temp=" clause, or (3) a trailing " validate=" clause accompanied by a shell command. Múltiples vulnerabilidades de inyección de argumentos en Ansible versiones anteriores a 1.6.7, permiten a atacantes remotos ejecutar código arbitrario al aprovechar el acceso a un host administrado de Ansible y proporcionar un dato diseñado como es demostrado por un dato con (1) una cláusula "src=" al final, (2) una cláusula "temp=" al final, o (3) una cláusula "validate=" al final, acompañada de un comando de shell. • http://www.ocert.org/advisories/ocert-2014-004.html https://github.com/ansible/ansible/commit/62a1295a3e08cb6c3e9f1b2a1e6e5dcaeab32527 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •