CVE-2014-3496 – Origin: Command execution as root via downloadable cartridge source-url
https://notcve.org/view.php?id=CVE-2014-3496
cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file. cartridge_repository.rb en OpenShift Origin and Enterprise 1.2.8 hasta 2.1.1 permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en una Url de fuente que termina con una extensión de fichero (1) .tar.gz, (2) .zip, (3) .tgz o (4) .tar en un fichero del manifiesto de cartuchos. • http://rhn.redhat.com/errata/RHSA-2014-0762.html http://rhn.redhat.com/errata/RHSA-2014-0763.html http://rhn.redhat.com/errata/RHSA-2014-0764.html http://secunia.com/advisories/59298 https://bugzilla.redhat.com/show_bug.cgi?id=1110470 https://github.com/openshift/origin-server/pull/5521 https://access.redhat.com/security/cve/CVE-2014-3496 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2014-0233 – OpenShift: downloadable cartridge source url file command execution as root
https://notcve.org/view.php?id=CVE-2014-0233
Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartridge using the file: URI scheme. Red Hat OpenShift Enterprise 2.0 y 2.1 y OpenShift Origin permite a usuarios remotos autenticados ejecutar comandos arbitrarios a través de meta-caracteres de shell en el nombre del directorio referenciado por un cartucho (cartridge), usando el fichero : URI scheme. • http://rhn.redhat.com/errata/RHSA-2014-0529.html http://rhn.redhat.com/errata/RHSA-2014-0530.html https://bugzilla.redhat.com/show_bug.cgi?id=1096955 https://access.redhat.com/security/cve/CVE-2014-0233 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2014-0164 – mcollective: world readable client config
https://notcve.org/view.php?id=CVE-2014-0164
openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by reading the file. openshift-origin-broker-util, utilizado en Red Hat OpenShift Enterprise 1.2.7 y 2.0.5, utiliza permisos de lectura universal para el archivo de configuración de mcollective client.cfg, lo que permite a usuarios locales obtener credenciales y otra información sensible mediante la lectura del archivo. • http://rhn.redhat.com/errata/RHSA-2014-0460.html http://rhn.redhat.com/errata/RHSA-2014-0461.html https://access.redhat.com/security/cve/CVE-2014-0164 https://bugzilla.redhat.com/show_bug.cgi?id=1083847 • CWE-310: Cryptographic Issues CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2014-0188 – OpenShift: openshift-origin-broker plugin allows impersonation
https://notcve.org/view.php?id=CVE-2014-0188
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to a passthrough trigger. El openshift-origin-broker en Red Hat OpenShift Enterprise 2.0.5, 1.2.7, y anteriores no maneja adecuadamente las peticiones de autenticación provenientes del plugin de autenticación de usuarios remotos, lo que permite a atacantes remotos evitar la autenticación y suplantar a usuarios arbitrarios a través de las cabeceras X-Remote-User en las peticiones provocando un bypass. • http://rhn.redhat.com/errata/RHSA-2014-0422.html http://rhn.redhat.com/errata/RHSA-2014-0423.html https://bugzilla.redhat.com/show_bug.cgi?id=1090120 https://access.redhat.com/security/cve/CVE-2014-0188 • CWE-287: Improper Authentication •
CVE-2014-1869 – stapler-adjunct-zeroclipboard: multiple cross-site scripting (XSS) flaws
https://notcve.org/view.php?id=CVE-2014-1869
Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters). Múltiples vulnerabilidades de XSS en ZeroClipboard.swf en ZeroClipboard anterior a 1.3.2, mantenido por Jon Rohan y James M. Greene, permiten a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores relacionados con ciertos parámetros de consulta SWF (también conocido como loaderInfo.parameters). • http://secunia.com/advisories/56821 http://www.securityfocus.com/bid/65484 https://access.redhat.com/errata/RHSA-2016:0070 https://exchange.xforce.ibmcloud.com/vulnerabilities/91085 https://github.com/zeroclipboard/zeroclipboard/commit/2f9eb9750a433965572d047e24b0fc78fd1415ca https://github.com/zeroclipboard/zeroclipboard/pull/335 https://github.com/zeroclipboard/zeroclipboard/releases/tag/v1.3.2 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 https://access.redhat.com/security& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •