CVE-2019-3828 – Ansible: path traversal in the fetch module
https://notcve.org/view.php?id=CVE-2019-3828
Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path. El módulo fetch de Ansible, en versiones anteriores a las 2.5.15, 2.6.14 y 2.7.8, tiene una vulnerabilidad de salto de directorio que permite la copia y la sobrescritura de archivos fuera de la carpeta especificada en el host del controlador local de Ansible mediante la no restricción de una ruta absoluta. A path traversal flaw was found in ansible. The fetch module allows copying and overwriting files outside of the specified destination in the local ansible controller host by not restricting an absolute path. The main threat from this vulnerability is to data confidentiality and integrity. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html http://packetstormsecurity.com/files/172837/Ansible-Fetch-Path-Traversal.html https://access.redhat.com/errata/RHSA-2019:3744 https://access.redhat.com/errata/RHSA-2019:3789 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3828 https://github.com/ansible/ansible/pull • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2018-16876 – ansible: Information disclosure in vvv+ mode with no_log on
https://notcve.org/view.php?id=CVE-2018-16876
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data. ansible en versiones anteriores a las 2.5.14, 2.6.11 y 2.7.5 es vulnerable a un fallo de divulgación de información en el modo vvv+ con "no_log" habilitado, el cual podría provocar el filtrado de datos sensibles. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html http://www.securityfocus.com/bid/106225 https://access.redhat.com/errata/RHSA-2018:3835 https://access.redhat.com/errata/RHSA-2018:3836 https://access.redhat.com/errata/RHSA-2018:3837 https://access.redhat.com/errata/RHSA-2018:3838 https://access.redhat.com/errata& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-8614
https://notcve.org/view.php?id=CVE-2016-8614
A flaw was found in Ansible before version 2.2.0. The apt_key module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP key which matches the short key ID and inject this key instead of the correct key. Se ha descubierto un problema en versiones anteriores a la 2.2.0 de Ansible. El módulo apt_key no verifica correctamente las huellas de la clave, lo que permite que un adversario remoto cree una clave de OpenPGP que coincide con el ID de clave corto y la inyecte en lugar de la clave correcta. • http://www.securityfocus.com/bid/94108 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8614 https://github.com/ansible/ansible-modules-core/issues/5237 https://github.com/ansible/ansible-modules-core/pull/5353 https://github.com/ansible/ansible-modules-core/pull/5357 • CWE-320: Key Management Errors CWE-358: Improperly Implemented Security Check for Standard •
CVE-2013-2233
https://notcve.org/view.php?id=CVE-2013-2233
Ansible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks by leveraging failure to cache SSH host keys. Ansible en versiones anteriores a la 1.2.1 facilita que atacantes remotos lleven a cabo ataques Man-in-the-Middle (MitM) aprovechando el error a la hora de cachear claves de host SSH. • http://www.openwall.com/lists/oss-security/2013/07/01/2 http://www.openwall.com/lists/oss-security/2013/07/02/6 https://bugzilla.redhat.com/show_bug.cgi?id=980821 https://github.com/ansible/ansible/issues/857 https://www.ansible.com/security • CWE-320: Key Management Errors •
CVE-2018-1000149
https://notcve.org/view.php?id=CVE-2018-1000149
A man in the middle vulnerability exists in Jenkins Ansible Plugin 0.8 and older in AbstractAnsibleInvocation.java, AnsibleAdHocCommandBuilder.java, AnsibleAdHocCommandInvocationTest.java, AnsibleContext.java, AnsibleJobDslExtension.java, AnsiblePlaybookBuilder.java, AnsiblePlaybookStep.java that disables host key verification by default. Existe una vulnerabilidad de Man-in-the-Middle (MitM) en el plugin Ansible en Jenkins, en versiones 0.8 y anteriores, en AbstractAnsibleInvocation.java, AnsibleAdHocCommandBuilder.java, AnsibleAdHocCommandInvocationTest.java, AnsibleContext.java, AnsibleJobDslExtension.java, AnsiblePlaybookBuilder.java y AnsiblePlaybookStep.java que deshabilita la verificación de la clave del host por defecto. • https://jenkins.io/security/advisory/2018-03-26/#SECURITY-630 •