Test Kennung:	1.3.6.1.4.1.25623.1.0.882895
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for pcs CESA-2018:1060 centos7
Zusammenfassung:	Check the version of pcs
Beschreibung:	Summary: Check the version of pcs Vulnerability Insight: The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): * pcs: Privilege escalation via authorized user malicious REST call (CVE-2018-1079) * pcs: Debug parameter removal bypass, allowing information disclosure (CVE-2018-1086) * rack-protection: Timing attack in authenticity_token.rb (CVE-2018-1000119) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. The CVE-2018-1079 issue was discovered by Ondrej Mular (Red Hat) and the CVE-2018-1086 issue was discovered by Cedric Buissart (Red Hat). Affected Software/OS: pcs on CentOS 7 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1079 https://access.redhat.com/errata/RHSA-2018:1060 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1079 Common Vulnerability Exposure (CVE) ID: CVE-2018-1086 Debian Security Information: DSA-4169 (Google Search) https://www.debian.org/security/2018/dsa-4169 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1086 RedHat Security Advisories: RHSA-2018:1060 RedHat Security Advisories: RHSA-2018:1927 https://access.redhat.com/errata/RHSA-2018:1927 Common Vulnerability Exposure (CVE) ID: CVE-2018-1000119 Debian Security Information: DSA-4247 (Google Search) https://www.debian.org/security/2018/dsa-4247
Copyright	Copyright (C) 2018 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.