Test ID:	1.3.6.1.4.1.25623.1.0.882590
Category:	CentOS Local Security Checks
Title:	CentOS Update for pacemaker CESA-2016:2675 centos6
Summary:	Check the version of pacemaker
Description:	Summary: Check the version of pacemaker Vulnerability Insight: The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. Security Fix(es): * An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. (CVE-2016-7035) This issue was discovered by Jan 'poki' Pokorny (Red Hat) and Alain Moulle (ATOS/BULL). Affected Software/OS: pacemaker on CentOS 6 Solution: Please Install the Updated Packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-7035 BugTraq ID: 94214 http://www.securityfocus.com/bid/94214 https://security.gentoo.org/glsa/201710-08 http://www.openwall.com/lists/oss-security/2016/11/03/5 https://lists.clusterlabs.org/pipermail/users/2016-November/004432.html RedHat Security Advisories: RHSA-2016:2614 http://rhn.redhat.com/errata/RHSA-2016-2614.html RedHat Security Advisories: RHSA-2016:2675 http://rhn.redhat.com/errata/RHSA-2016-2675.html
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.