Уязвимость CVE-2014-3251

Пакет	Статус	Версия исправления	Релиз	Тип
mcollective	fixed	2.6.0+dfsg-1		package
mcollective	no-dsa		wheezy	package

CVE-2014-3251

ubuntu

больше 11 лет назад

The MCollective aes_security plugin, as used in Puppet Enterprise before 3.3.0 and Mcollective before 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecified vectors related to a race condition.

CVE-2014-3251

redhat

больше 11 лет назад

The MCollective aes_security plugin, as used in Puppet Enterprise before 3.3.0 and Mcollective before 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecified vectors related to a race condition.

CVE-2014-3251

nvd

больше 11 лет назад

The MCollective aes_security plugin, as used in Puppet Enterprise before 3.3.0 and Mcollective before 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecified vectors related to a race condition.

GHSA-q495-m6p3-c645

github

больше 3 лет назад

The MCollective aes_security plugin, as used in Puppet Enterprise before 3.3.0 and Mcollective before 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecified vectors related to a race condition.

BDU:2015-09786

fstec

около 11 лет назад

Уязвимости операционной системы Gentoo Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

exploitDog

CVE-2014-3251

Описание

Пакеты

Примечания

Связанные уязвимости