Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-7035

Опубликовано: 10 сент. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.2
CVSS3: 8.8

Описание

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.

РелизСтатусПримечание
artful

not-affected

1.1.16-1ubuntu1
devel

not-affected

1.1.16-1ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1.1.10+git20130802-1ubuntu2.4]]
esm-infra/xenial

released

1.1.14-2ubuntu1.2
precise

ignored

end of life
precise/esm

DNE

precise was needs-triage
trusty

released

1.1.10+git20130802-1ubuntu2.4
trusty/esm

DNE

trusty was released [1.1.10+git20130802-1ubuntu2.4]
upstream

released

1.1.15-3
vivid/stable-phone-overlay

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 29%
0.00103
Низкий

7.2 High

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-7035

CVSS3: 8.8
redhat
больше 9 лет назад

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.

nvd логотип

CVE-2016-7035

CVSS3: 8.8
nvd
больше 7 лет назад

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.

debian логотип

CVE-2016-7035

CVSS3: 8.8
debian
больше 7 лет назад

An authorization flaw was found in Pacemaker before 1.1.16, where it d ...

github логотип

GHSA-5wmv-gcg2-v47h

CVSS3: 7.8
github
больше 3 лет назад

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.

suse-cvrf логотип

openSUSE-SU-2016:3101-1

suse-cvrf
около 9 лет назад

Security update for pacemaker

EPSS

Процентиль: 29%
0.00103
Низкий

7.2 High

CVSS2

8.8 High

CVSS3