VYPR

rpm package

suse/pacemaker&distro=SUSE Linux Enterprise High Availability Extension 12 SP2

pkg:rpm/suse/pacemaker&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2

Vulnerabilities (4)

  • CVE-2018-16878Apr 18, 2019
    affected < 1.1.15-23.9.1fixed 1.1.15-23.9.1

    A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS

  • CVE-2018-16877Apr 18, 2019
    affected < 1.1.15-23.9.1fixed 1.1.15-23.9.1

    A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.

  • CVE-2016-7035HigSep 10, 2018
    affected < 1.1.15-21.1fixed 1.1.15-21.1

    An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and

  • CVE-2016-7797HigMar 24, 2017
    affected < 1.1.15-21.1fixed 1.1.15-21.1

    Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.