ID CVE-2016-7035
Summary An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.
References
Vulnerable Configurations
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.16
    cpe:2.3:a:clusterlabs:pacemaker:1.1.16
  • Red Hat Enterprise Linux Server 6.0
    cpe:2.3:o:redhat:enterprise_linux_server:6.0
  • Red Hat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.3
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.4
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.5
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
CVSS
Base: 7.2
Impact:
Exploitability:
CWE CWE-285
CAPEC
  • Accessing Functionality Not Properly Constrained by ACLs
    In applications, particularly web applications, access to functionality is mitigated by the authorization framework, whose job it is to map ACLs to elements of the application's functionality; particularly URLs for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application or can run queries for data that he is otherwise not supposed to.
  • Cross Zone Scripting
    An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security. In a zone-based model, pages belong to one of a set of zones corresponding to the level of privilege assigned to that page. Pages in an untrusted zone would have a lesser level of access to the system and/or be restricted in the types of executable content it was allowed to invoke. In a cross-zone scripting attack, a page that should be assigned to a less privileged zone is granted the privileges of a more trusted zone. This can be accomplished by exploiting bugs in the browser, exploiting incorrect configuration in the zone controls, through a cross-site scripting attack that causes the attackers' content to be treated as coming from a more trusted page, or by leveraging some piece of system functionality that is accessible from both the trusted and less trusted zone. This attack differs from "Restful Privilege Escalation" in that the latter correlates to the inadequate securing of RESTful access methods (such as HTTP DELETE) on the server, while cross-zone scripting attacks the concept of security zones as implemented by a browser.
  • Directory Indexing
    An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.
  • Subverting Environment Variable Values
    The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
  • Accessing, Modifying or Executing Executable Files
    An attack of this type exploits a system's configuration that allows an attacker to either directly access an executable file, for example through shell access; or in a possible worst case allows an attacker to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
  • Manipulating Opaque Client-based Data Tokens
    In circumstances where an application holds important data client-side in tokens (cookies, URLs, data files, and so forth) that data can be manipulated. If client or server-side application components reinterpret that data as authentication tokens or data (such as store item pricing or wallet information) then even opaquely manipulating that data may bear fruit for an Attacker. In this pattern an attacker undermines the assumption that client side tokens have been adequately protected from tampering through use of encryption or obfuscation.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Poison Web Service Registry
    SOA and Web Services often use a registry to perform look up, get schema information, and metadata about services. A poisoned registry can redirect (think phishing for servers) the service requester to a malicious service provider, provide incorrect information in schema or metadata (to effect a denial of service), and delete information about service provider interfaces. WS-Addressing is used to virtualize services, provide return addresses and other routing information, however, unless the WS-Addressing headers are protected they are vulnerable to rewriting. The attacker that can rewrite WS-addressing information gains the ability to route service requesters to any service providers, and the ability to route service provider response to any service. Content in a registry is deployed by the service provider. The registry in an SOA or Web Services system can be accessed by the service requester via UDDI or other protocol. The basic flow for the attacker consists of either altering the data at rest in the registry or uploading malicious content by spoofing a service provider. The service requester is then redirected to send its requests and/or responses to services the attacker controls.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
  • Reusing Session IDs (aka Session Replay)
    This attack targets the reuse of valid session ID to spoof the target system in order to gain privileges. The attacker tries to reuse a stolen session ID used previously during a transaction to perform spoofing and session hijacking. Another name for this type of attack is Session Replay.
  • Manipulating Input to File System Calls
    An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.
  • Manipulating User-Controlled Variables
    This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An attacker can override environment variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the attacker can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.
  • Forceful Browsing
    An attacker employs forceful browsing to access portions of a website that are otherwise unreachable through direct URL entry. Usually, a front controller or similar design pattern is employed to protect access to portions of a web application. Forceful browsing enables an attacker to access information, perform privileged operations and otherwise reach sections of the web application that have been improperly protected.
nessus via4
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2016-2675.NASL
    description An update for pacemaker is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. Security Fix(es) : * An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. (CVE-2016-7035) This issue was discovered by Jan 'poki' Pokorny (Red Hat) and Alain Moulle (ATOS/BULL).
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 94742
    published 2016-11-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94742
    title CentOS 6 : pacemaker (CESA-2016:2675)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-2675.NASL
    description An update for pacemaker is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. Security Fix(es) : * An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. (CVE-2016-7035) This issue was discovered by Jan 'poki' Pokorny (Red Hat) and Alain Moulle (ATOS/BULL).
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 94651
    published 2016-11-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94651
    title RHEL 6 : pacemaker (RHSA-2016:2675)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1447.NASL
    description This update for pacemaker fixes the following issues : - remote: Allow cluster and remote LRM API versions to diverge (bsc#1009076) - libcrmcommon: fix CVE-2016-7035 (improper IPC guarding) (bsc#1007433) - sysconfig: minor tweaks (typo, wording) - spec: more robust check for systemd being in use - spec: defines instead of some globals + error suppression - various: issues discovered via valgrind and coverity - attrd_updater: fix usage of HAVE_ATOMIC_ATTRD - crmd: cl#5185 - Record pending operations in the CIB before they are performed (bsc#1003565) - ClusterMon: fix to avoid matching other process with the same PID - mcp: improve comments for sysconfig options - remove openssl-devel and libselinux-devel as build dependencies - tools: crm_standby --version/--help should work without cluster - libpengine: only log startup-fencing warning once - pacemaker.service: do not mistakenly suggest killing fenced - libcrmcommon: report errors consistently when waiting for data on connection (bsc#986644) - remote: Correctly calculate the remaining timeouts when receiving messages (bsc#986644) - libfencing: report added node ID correctly - crm_mon: Do not call setenv with null value - pengine: Do not fence a maintenance node if it shuts down cleanly (bsc#1000743) - ping: Avoid temporary files for fping check (bsc#987348) - all: clarify licensing and copyrights - crmd: Resend the shutdown request if the DC forgets - ping: Avoid temp files in fping_check (bsc#987348) - crmd: Ensure the R_SHUTDOWN is set whenever we ask the DC to shut us down - crmd: clear remote node operation history only when it comes up - libcib,libfencing,libtransition: handle memory allocation errors without CRM_CHECK() - tools: make crm_mon XML schema handle resources with multiple active - pengine: set OCF_RESKEY_CRM_meta_notify_active_* for multistate resources - pengine: avoid null dereference in new same-node ordering option - lrmd,libcluster: ensure g_hash_table_foreach() is never passed a null table - crmd: don't log warning if abort_unless_down() can't find down event - lib: Correction of the deletion of the notice registration. - stonithd: Correction of the wrong connection process name. - crmd: Keep a state of LRMD in the DC node latest. - pengine: avoid transition loop for start-then-stop + unfencing - libpengine: allow pe_order_same_node option for constraints - cts: Restart systemd-journald with 'systemctl restart systemd-journald.socket' (bsc#995365) - libcrmcommon: properly handle XML comments when comparing v2 patchset diffs - crmd: don't abort transitions for CIB comment changes - libcrmcommon: log XML comments correctly - libcrmcommon: remove extraneous format specifier from log message - remote: cl#5269 - Notify other clients of a new connection only if the handshake has completed (bsc#967388, bsc#1002767, CVE-2016-7797) This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 95753
    published 2016-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95753
    title openSUSE Security Update : pacemaker (openSUSE-2016-1447)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1376.NASL
    description This update for pacemaker fixes the following issues : Security issues fixed : - CVE-2016-7797: Notify other clients of a new connection only if the handshake has completed (bsc#967388, bsc#1002767). - CVE-2016-7035: Fixed improper IPC guarding in pacemaker (bsc#1007433). Bug fixes : - bsc#1003565: crmd: Record pending operations in the CIB before they are performed - bsc#1000743: pengine: Do not fence a maintenance node if it shuts down cleanly - bsc#987348: ping: Avoid temporary files for fping check - bsc#986644: libcrmcommon: report errors consistently when waiting for data on connection - bsc#986644: remote: Correctly calculate the remaining timeouts when receiving messages This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 95531
    published 2016-12-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95531
    title openSUSE Security Update : pacemaker (openSUSE-2016-1376)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3462-1.NASL
    description Jan Pokorny and Alain Moulle discovered that Pacemaker incorrectly handled the IPC interface. A local attacker could possibly use this issue to execute arbitrary code with root privileges. (CVE-2016-7035) Alain Moulle discovered that Pacemaker incorrectly handled authentication. A remote attacker could possibly use this issue to shut down connections, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-7797). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 104143
    published 2017-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=104143
    title Ubuntu 14.04 LTS / 16.04 LTS : pacemaker vulnerabilities (USN-3462-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-2614.NASL
    description An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. Security Fix(es) : * An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. (CVE-2016-7035) This issue was discovered by Jan 'poki' Pokorny (Red Hat) and Alain Moulle (ATOS/BULL). Bug Fix(es) : * The version of Pacemaker in Red Hat Enterprise Linux 7.3 incorporated an increase in the version number of the remote node protocol. Consequently, cluster nodes running Pacemaker in Red Hat Enterprise Linux 7.3 and remote nodes running earlier versions of Red Hat Enterprise Linux were not able to communicate with each other unless special precautions were taken. This update preserves the rolling upgrade capability. (BZ#1389023)
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 94604
    published 2016-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94604
    title RHEL 7 : pacemaker (RHSA-2016:2614)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-C1CBCC4528.NASL
    description Security fix for CVE-2016-7035 (improper IPC guarding) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 94857
    published 2016-11-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94857
    title Fedora 25 : pacemaker (2016-c1cbcc4528)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2016-2614.NASL
    description An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. Security Fix(es) : * An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. (CVE-2016-7035) This issue was discovered by Jan 'poki' Pokorny (Red Hat) and Alain Moulle (ATOS/BULL). Bug Fix(es) : * The version of Pacemaker in Red Hat Enterprise Linux 7.3 incorporated an increase in the version number of the remote node protocol. Consequently, cluster nodes running Pacemaker in Red Hat Enterprise Linux 7.3 and remote nodes running earlier versions of Red Hat Enterprise Linux were not able to communicate with each other unless special precautions were taken. This update preserves the rolling upgrade capability. (BZ#1389023)
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 95353
    published 2016-11-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95353
    title CentOS 7 : pacemaker (CESA-2016:2614)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201710-08.NASL
    description The remote host is affected by the vulnerability described in GLSA-201710-08 (Pacemaker: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Pacemaker. Please review the referenced CVE identifiers for details. Impact : A remote attacker could execute arbitrary code or a local attacker could escalate privileges. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 103726
    published 2017-10-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103726
    title GLSA-201710-08 : Pacemaker: Multiple vulnerabilities
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20161103_PACEMAKER_ON_SL7_X.NASL
    description Security Fix(es) : - An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. (CVE-2016-7035) Bug Fix(es) : - The version of Pacemaker in Scientific Linux 7.3 incorporated an increase in the version number of the remote node protocol. Consequently, cluster nodes running Pacemaker in Scientific Linux 7.3 and remote nodes running earlier versions of Scientific Linux were not able to communicate with each other unless special precautions were taken. This update preserves the rolling upgrade capability.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 95852
    published 2016-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95852
    title Scientific Linux Security Update : pacemaker on SL7.x x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-242FF9A2FA.NASL
    description Security fix for CVE-2016-7035 (improper IPC guarding) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 94590
    published 2016-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94590
    title Fedora 24 : pacemaker (2016-242ff9a2fa)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-2A159EF513.NASL
    description Security fix for CVE-2016-7035 (improper IPC guarding) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 94657
    published 2016-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94657
    title Fedora 23 : pacemaker (2016-2a159ef513)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20161108_PACEMAKER_ON_SL6_X.NASL
    description Security Fix(es) : - An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. (CVE-2016-7035) This issue was discovered by Jan 'poki' Pokorny (Red Hat) and Alain Moulle (ATOS/BULL).
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 94653
    published 2016-11-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94653
    title Scientific Linux Security Update : pacemaker on SL6.x i386/x86_64
redhat via4
advisories
  • bugzilla
    id 1389023
    title 7.3
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment pacemaker is earlier than 0:1.1.15-11.el7_3.2
          oval oval:com.redhat.rhsa:tst:20162614007
        • comment pacemaker is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635006
      • AND
        • comment pacemaker-cli is earlier than 0:1.1.15-11.el7_3.2
          oval oval:com.redhat.rhsa:tst:20162614011
        • comment pacemaker-cli is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635014
      • AND
        • comment pacemaker-cluster-libs is earlier than 0:1.1.15-11.el7_3.2
          oval oval:com.redhat.rhsa:tst:20162614009
        • comment pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635016
      • AND
        • comment pacemaker-cts is earlier than 0:1.1.15-11.el7_3.2
          oval oval:com.redhat.rhsa:tst:20162614019
        • comment pacemaker-cts is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635018
      • AND
        • comment pacemaker-doc is earlier than 0:1.1.15-11.el7_3.2
          oval oval:com.redhat.rhsa:tst:20162614021
        • comment pacemaker-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635012
      • AND
        • comment pacemaker-libs is earlier than 0:1.1.15-11.el7_3.2
          oval oval:com.redhat.rhsa:tst:20162614013
        • comment pacemaker-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635008
      • AND
        • comment pacemaker-libs-devel is earlier than 0:1.1.15-11.el7_3.2
          oval oval:com.redhat.rhsa:tst:20162614005
        • comment pacemaker-libs-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635010
      • AND
        • comment pacemaker-nagios-plugins-metadata is earlier than 0:1.1.15-11.el7_3.2
          oval oval:com.redhat.rhsa:tst:20162614017
        • comment pacemaker-nagios-plugins-metadata is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152383010
      • AND
        • comment pacemaker-remote is earlier than 0:1.1.15-11.el7_3.2
          oval oval:com.redhat.rhsa:tst:20162614015
        • comment pacemaker-remote is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635020
    rhsa
    id RHSA-2016:2614
    released 2016-11-03
    severity Important
    title RHSA-2016:2614: pacemaker security and bug fix update (Important)
  • bugzilla
    id 1369732
    title CVE-2016-7035 pacemaker: Privilege escalation due to improper guarding of IPC communication
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment pacemaker is earlier than 0:1.1.14-8.el6_8.2
          oval oval:com.redhat.rhsa:tst:20162675007
        • comment pacemaker is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635006
      • AND
        • comment pacemaker-cli is earlier than 0:1.1.14-8.el6_8.2
          oval oval:com.redhat.rhsa:tst:20162675011
        • comment pacemaker-cli is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635014
      • AND
        • comment pacemaker-cluster-libs is earlier than 0:1.1.14-8.el6_8.2
          oval oval:com.redhat.rhsa:tst:20162675019
        • comment pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635016
      • AND
        • comment pacemaker-cts is earlier than 0:1.1.14-8.el6_8.2
          oval oval:com.redhat.rhsa:tst:20162675017
        • comment pacemaker-cts is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635018
      • AND
        • comment pacemaker-doc is earlier than 0:1.1.14-8.el6_8.2
          oval oval:com.redhat.rhsa:tst:20162675013
        • comment pacemaker-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635012
      • AND
        • comment pacemaker-libs is earlier than 0:1.1.14-8.el6_8.2
          oval oval:com.redhat.rhsa:tst:20162675015
        • comment pacemaker-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635008
      • AND
        • comment pacemaker-libs-devel is earlier than 0:1.1.14-8.el6_8.2
          oval oval:com.redhat.rhsa:tst:20162675009
        • comment pacemaker-libs-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635010
      • AND
        • comment pacemaker-remote is earlier than 0:1.1.14-8.el6_8.2
          oval oval:com.redhat.rhsa:tst:20162675005
        • comment pacemaker-remote is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131635020
    rhsa
    id RHSA-2016:2675
    released 2016-11-08
    severity Important
    title RHSA-2016:2675: pacemaker security update (Important)
rpms
  • pacemaker-0:1.1.15-11.el7_3.2
  • pacemaker-cli-0:1.1.15-11.el7_3.2
  • pacemaker-cluster-libs-0:1.1.15-11.el7_3.2
  • pacemaker-cts-0:1.1.15-11.el7_3.2
  • pacemaker-doc-0:1.1.15-11.el7_3.2
  • pacemaker-libs-0:1.1.15-11.el7_3.2
  • pacemaker-libs-devel-0:1.1.15-11.el7_3.2
  • pacemaker-nagios-plugins-metadata-0:1.1.15-11.el7_3.2
  • pacemaker-remote-0:1.1.15-11.el7_3.2
  • pacemaker-0:1.1.14-8.el6_8.2
  • pacemaker-cli-0:1.1.14-8.el6_8.2
  • pacemaker-cluster-libs-0:1.1.14-8.el6_8.2
  • pacemaker-cts-0:1.1.14-8.el6_8.2
  • pacemaker-doc-0:1.1.14-8.el6_8.2
  • pacemaker-libs-0:1.1.14-8.el6_8.2
  • pacemaker-libs-devel-0:1.1.14-8.el6_8.2
  • pacemaker-remote-0:1.1.14-8.el6_8.2
refmap via4
bid 94214
confirm
gentoo GLSA-201710-08
mlist
  • [oss-security] 20161103 CVE-2016-7035 - pacemaker - improper IPC guarding
  • [users] 20161103 [SECURITY] CVE-2016-7035 - pacemaker - improper IPC guarding
Last major update 10-09-2018 - 12:29
Published 10-09-2018 - 12:29
Last modified 07-01-2019 - 13:47