All the vulnerabilities related to keepalived - keepalived
Vulnerability from fkie_nvd
Published
2018-11-08 20:29
Modified
2024-11-21 03:57
Summary
keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name (e.g., /tmp/keepalived.data or /tmp/keepalived.stats), with read access for the attacker and write access for the keepalived process, then this potentially leaked sensitive information.
Impacted products
Vendor Product Version
keepalived keepalived 2.0.8



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "41629AA7-851D-438F-8836-0574E4912DF1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "keepalived 2.0.8 didn\u0027t check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name (e.g., /tmp/keepalived.data or /tmp/keepalived.stats), with read access for the attacker and write access for the keepalived process, then this potentially leaked sensitive information."
    },
    {
      "lang": "es",
      "value": "keepalived 2.0.8 no verificaba los archivos planos existentes al escribir datos en un archivo temporal al llamar a PrintData o PrintStats. Si un atacante local hubiera creado previamente un archivo con el nombre esperado (por ejemplo, /tmp/keepalived.data o /tmp/keepalived.stats), con acceso de lectura para el atacante y acceso de escritura para el proceso keepalived, entonces esto podr\u00eda filtrar informaci\u00f3n sensible."
    }
  ],
  "id": "CVE-2018-19046",
  "lastModified": "2024-11-21T03:57:13.227",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-11-08T20:29:00.510",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/issues/1048"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201903-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/issues/1048"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201903-01"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-11-26 00:15
Modified
2024-11-21 06:30
Summary
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property.
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC8911B3-4557-481F-9965-98A87089BD3B",
              "versionEndIncluding": "2.2.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property"
    },
    {
      "lang": "es",
      "value": "En Keepalived versiones hasta 2.2.4, la pol\u00edtica D-Bus no restringe suficientemente el destino de los mensajes, permitiendo a cualquier usuario inspeccionar y manipular cualquier propiedad. Esto conlleva a una omisi\u00f3n del control de acceso en algunas situaciones en las que un servicio del sistema D-Bus no relacionado presenta una propiedad configurable (escribible)"
    }
  ],
  "id": "CVE-2021-44225",
  "lastModified": "2024-11-21T06:30:37.470",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-11-26T00:15:10.017",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/commit/7977fec0be89ae6fe87405b3f8da2f0b5e415e3d"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/pull/2063"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00012.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5226RYNMNB7FL4MSJDIBBGPUWH6LMRYV/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6O2R6EXURJQFPFPYFWRCZLUYVWQCLSZM/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/commit/7977fec0be89ae6fe87405b3f8da2f0b5e415e3d"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/pull/2063"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5226RYNMNB7FL4MSJDIBBGPUWH6LMRYV/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6O2R6EXURJQFPFPYFWRCZLUYVWQCLSZM/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-11-08 20:29
Modified
2024-11-21 03:57
Summary
keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or /tmp/keepalived.stats to /etc/passwd.
Impacted products
Vendor Product Version
keepalived keepalived 2.0.8



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "41629AA7-851D-438F-8836-0574E4912DF1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "keepalived 2.0.8 didn\u0027t check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or /tmp/keepalived.stats to /etc/passwd."
    },
    {
      "lang": "es",
      "value": "keepalived 2.0.8 no buscaba nombres de ruta con enlaces simb\u00f3licos al escribir datos en un archivo temporal al llamar a PrintData o PrintStats. Esto permit\u00eda a los usuarios locales sobrescribir archivos arbitrarios si fs.protected_symlinks se establece en 0, tal y como lo demuestra un enlace simb\u00f3lico desde /tmp/keepalived.data o /tmp/keepalived.stats a /etc/passwd."
    }
  ],
  "id": "CVE-2018-19044",
  "lastModified": "2024-11-21T03:57:12.890",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-11-08T20:29:00.323",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:2285"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/issues/1048"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201903-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:2285"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/issues/1048"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201903-01"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-11-08 20:29
Modified
2024-11-21 03:57
Severity ?
Summary
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
References
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:0022 | Third Party Advisory
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:1792
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:1945
cve@mitre.org | https://bugzilla.suse.com/show_bug.cgi?id=1015141 | Issue Tracking, Third Party Advisory
cve@mitre.org | https://github.com/acassen/keepalived/pull/961 | Patch, Third Party Advisory
cve@mitre.org | https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9 | Patch, Third Party Advisory
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/11/msg00034.html | Mailing List, Third Party Advisory
cve@mitre.org | https://security.gentoo.org/glsa/201903-01 | Third Party Advisory
cve@mitre.org | https://usn.ubuntu.com/3995-1/
cve@mitre.org | https://usn.ubuntu.com/3995-2/
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:0022 | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1792
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1945
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1015141 | Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/acassen/keepalived/pull/961 | Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9 | Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/11/msg00034.html | Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201903-01 | Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3995-1/
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3995-2/



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7E17D71-1A1A-45D9-82E7-AA3F771BDF10",
              "versionEndExcluding": "2.0.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap."
    },
    {
      "lang": "es",
      "value": "keepalived hasta la versi\u00f3n 2.0.8 tiene un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) cuando se analizan los c\u00f3digos de estado HTTP, lo que resulta en una denegaci\u00f3n de servicio (DoS) o, posiblemente, en otro impacto indeterminado, debido a que extract_status_code en lib/html.c no tiene ninguna validaci\u00f3n del c\u00f3digo de estado y, en su lugar, escribe una cantidad ilimitada de datos en la memoria din\u00e1mica."
    }
  ],
  "id": "CVE-2018-19115",
  "lastModified": "2024-11-21T03:57:21.567",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-11-08T20:29:00.573",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:0022"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:1792"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:1945"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/pull/961"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00034.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201903-01"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/3995-1/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/3995-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2019:0022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:1792"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:1945"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/pull/961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201903-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/3995-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/3995-2/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2011-05-20 22:55
Modified
2024-11-21 01:27
Severity ?
Summary
The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files.
References
secalert@redhat.com | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626281
secalert@redhat.com | http://lists.debian.org/debian-security/2011/05/msg00012.html
secalert@redhat.com | http://lists.debian.org/debian-security/2011/05/msg00013.html
secalert@redhat.com | http://lists.debian.org/debian-security/2011/05/msg00018.html
secalert@redhat.com | http://openwall.com/lists/oss-security/2011/05/10/5
secalert@redhat.com | http://openwall.com/lists/oss-security/2011/05/16/7
secalert@redhat.com | http://secunia.com/advisories/44460 | Vendor Advisory
secalert@redhat.com | http://www.osvdb.org/72380
secalert@redhat.com | http://www.securityfocus.com/bid/47859
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=704039
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/67477
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626281
af854a3a-2127-422b-91ae-364da2661108 | http://lists.debian.org/debian-security/2011/05/msg00012.html
af854a3a-2127-422b-91ae-364da2661108 | http://lists.debian.org/debian-security/2011/05/msg00013.html
af854a3a-2127-422b-91ae-364da2661108 | http://lists.debian.org/debian-security/2011/05/msg00018.html
af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/05/10/5
af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/05/16/7
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/44460 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/72380
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/47859
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=704039
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/67477
Impacted products
Vendor Product Version
keepalived keepalived *
keepalived keepalived 0.2.1
keepalived keepalived 0.2.3
keepalived keepalived 0.2.6
keepalived keepalived 0.2.7
keepalived keepalived 0.3.5
keepalived keepalived 0.3.6
keepalived keepalived 0.3.7
keepalived keepalived 0.3.8
keepalived keepalived 0.4.8
keepalived keepalived 0.4.9
keepalived keepalived 0.4.9a
keepalived keepalived 0.5.3
keepalived keepalived 0.5.5
keepalived keepalived 0.5.6
keepalived keepalived 0.5.7
keepalived keepalived 0.5.8
keepalived keepalived 0.5.9
keepalived keepalived 0.6.1
keepalived keepalived 0.6.2
keepalived keepalived 0.6.3
keepalived keepalived 0.6.4
keepalived keepalived 0.6.5
keepalived keepalived 0.6.6
keepalived keepalived 0.6.7
keepalived keepalived 0.6.8
keepalived keepalived 0.6.9
keepalived keepalived 0.6.10
keepalived keepalived 0.7.1
keepalived keepalived 0.7.6
keepalived keepalived 1.0.0
keepalived keepalived 1.0.1
keepalived keepalived 1.0.2
keepalived keepalived 1.0.3
keepalived keepalived 1.1.0
keepalived keepalived 1.1.1
keepalived keepalived 1.1.2
keepalived keepalived 1.1.3
keepalived keepalived 1.1.4
keepalived keepalived 1.1.5
keepalived keepalived 1.1.6
keepalived keepalived 1.1.7
keepalived keepalived 1.1.8
keepalived keepalived 1.1.9
keepalived keepalived 1.1.10
keepalived keepalived 1.1.11
keepalived keepalived 1.1.12
keepalived keepalived 1.1.13
keepalived keepalived 1.1.14
keepalived keepalived 1.1.15
keepalived keepalived 1.1.16
keepalived keepalived 1.1.17
keepalived keepalived 1.1.18
keepalived keepalived 1.1.19
keepalived keepalived 1.1.20
keepalived keepalived 1.2.0
keepalived keepalived 1.2.1



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2556FCA0-2590-424E-9A79-867164153E6E",
              "versionEndIncluding": "1.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAF523F2-D9A6-432D-A7D9-A50FA79C26C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA9238F-D69D-473B-A104-47D8BA33D5DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAB00A40-B543-405B-B28C-836F0C6E7F04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B370AC9F-7B1B-4473-8034-38867C7C2A58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D04C30-FF47-474B-9398-144F0BD074A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "01B2EED4-1A05-43FE-84BB-A346E712E3F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71E052F-AC0C-4976-B433-3299B4E3A6D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7C7D639-9B18-4217-9192-73D34D14FD0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "29CA469F-A2C8-4BE7-9C94-FDF1892C15DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF26EB0B-8A82-4EB2-A7F7-57A82FBADD72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.4.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8742E6FD-8F67-4EEE-B415-8A0E0508AADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A7F6776-CA88-4573-B9FE-976114C0E2F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EB667C6-DDC3-4D4F-AA6C-B014CC3866E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEF5D572-7637-4348-81D4-D0BB33E19FBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DF99A64-2885-4BCF-9563-D6C667642BBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "175E0321-5E10-4C26-A559-026AFFA86353",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC9512F9-2900-4445-8027-2349DD9D0EF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D202340-9154-49B2-AF41-6D4BC366D29F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5403A412-60FF-4FFD-B58E-A9349A53CD75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "62973329-4CE3-4BFD-8787-5964BDD3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AEA2DA6-DDB5-4821-ABD0-1C41AC40B36F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "828B15F2-69EB-4D78-93F6-F46D3FE0853B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "178A1EE6-2DA8-48B8-B86D-8F2905B98E35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B835C3B-D5A6-4B0E-8EC0-BDAB8A8A8B1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AAF52F0-8479-4F01-A954-8BDF1B02FD77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "24424629-3EFC-42F0-A0F4-FDB838579F52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0B9003D-9824-4FEE-B752-5BFA46CD8407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "645E15DC-A3CC-4EC1-A6BC-2A11F5326E6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:0.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7D6A830-2D76-4113-87CA-66F4E0D25BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1562A45C-E100-4B92-B500-1C66D6A51561",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD16143-ABB7-46F7-A383-9760DCB0D6E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "013C7056-6842-485C-BB83-2C1411AF4539",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C8E0C2-8622-4436-8D45-734322676F07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69B97CC0-232E-4389-A099-2CD4CC86C1F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22300323-06D6-404A-B10F-85B34A05DFC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "89ACDC55-8AD0-43C2-A5B4-5FCC19A909D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3356A7B3-9A8B-4C8C-93FB-CB4796C05629",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76BC438-7E36-4C98-94B9-507BDA393BB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA4BFCC-D573-4AC3-82E4-2F940970DC29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B7C8FF4-C8F7-4155-806C-A83F6750B05E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "223AC16F-8B70-4E55-A01B-A6012532CB8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F945C6D-ADE0-4077-B8EF-A6CCB0B4B761",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3099373-E05A-4DF0-88D8-2B73F716B578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA9480E7-B7DB-47C5-9CFD-38ED9E0A2454",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC6D1E5C-4906-4D8F-84CE-B131658D3242",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "53D59BB9-26D8-43E7-BA7C-0BFDC4C8AEB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D25A1C7-E02F-4F6B-B553-A559CC235E9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1886BCB-E5A5-4897-B486-B8AA5560A2B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDA0C618-30D4-41BB-96AB-DD4D9B4D4085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B852D87-A732-448A-8A56-93E45FD1AA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF70E5AB-28E5-4968-95A2-F1E8540983A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F070102-D4C2-4155-A587-7E6CC20508C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C029FE04-EE97-4D69-B095-75D96F1DEF2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C89BA5B-BF3A-43B3-828C-33721FAF7DDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FBE0275-1FB8-433A-AE8F-E3A570249AD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFB7DCD5-726F-48BF-BFD4-CCB7380C0EAC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n pidfile_write en core/pidfile.c en keepalived v1.2.2 y versiones anteriores utiliza permisos 0666 para los archivos (1) keepalived.pid, (2) checkers.pid y (3) vrrp.pid en /var/run/, lo que permite a usuarios locales matar procesos de su elecci\u00f3n escribiendo un PID en uno de estos archivos."
    }
  ],
  "id": "CVE-2011-1784",
  "lastModified": "2024-11-21T01:27:02.587",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-05-20T22:55:04.970",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626281"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.debian.org/debian-security/2011/05/msg00012.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.debian.org/debian-security/2011/05/msg00013.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.debian.org/debian-security/2011/05/msg00018.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://openwall.com/lists/oss-security/2011/05/10/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://openwall.com/lists/oss-security/2011/05/16/7"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44460"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/72380"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/47859"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=704039"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626281"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.debian.org/debian-security/2011/05/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.debian.org/debian-security/2011/05/msg00013.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.debian.org/debian-security/2011/05/msg00018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/05/10/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/05/16/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44460"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/72380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47859"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=704039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67477"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-11-08 20:29
Modified
2024-11-21 03:57
Summary
keepalived 2.0.8 used mode 0666 (read and write permission for owner, group and others) when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information.
Impacted products
Vendor Product Version
keepalived keepalived 2.0.8



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:keepalived:keepalived:2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "41629AA7-851D-438F-8836-0574E4912DF1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information."
    },
    {
      "lang": "es",
      "value": "keepalived 2.0.8 utilizaba el modo 0666 cuando se creaban nuevos archivos temporales tras una llamada a PrintData o PrintStats, con la posibilidad de que se filtrara informaci\u00f3n sensible."
    }
  ],
  "id": "CVE-2018-19045",
  "lastModified": "2024-11-21T03:57:13.060",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-11-08T20:29:00.400",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/issues/1048"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201903-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/acassen/keepalived/issues/1048"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201903-01"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2018-19045
Vulnerability from cvelistv5
Published
2018-11-08 20:00
Modified
2024-08-05 11:30
Severity ?
Summary
keepalived 2.0.8 used mode 0666 (read and write permission for owner, group and others) when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:30:04.012Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6"
          },
          {
            "name": "GLSA-201903-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201903-01"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/acassen/keepalived/issues/1048"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-11-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-10T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6"
        },
        {
          "name": "GLSA-201903-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201903-01"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/acassen/keepalived/issues/1048"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-19045",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6",
              "refsource": "MISC",
              "url": "https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6"
            },
            {
              "name": "GLSA-201903-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201903-01"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1015141",
              "refsource": "MISC",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
            },
            {
              "name": "https://github.com/acassen/keepalived/issues/1048",
              "refsource": "MISC",
              "url": "https://github.com/acassen/keepalived/issues/1048"
            },
            {
              "name": "https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067",
              "refsource": "MISC",
              "url": "https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-19045",
    "datePublished": "2018-11-08T20:00:00",
    "dateReserved": "2018-11-06T00:00:00",
    "dateUpdated": "2024-08-05T11:30:04.012Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-19044
Vulnerability from cvelistv5
Published
2018-11-08 20:00
Modified
2024-08-05 11:30
Severity ?
Summary
keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or /tmp/keepalived.stats to /etc/passwd.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:30:03.571Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306"
          },
          {
            "name": "GLSA-201903-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201903-01"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/acassen/keepalived/issues/1048"
          },
          {
            "name": "RHSA-2019:2285",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2285"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-11-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "keepalived 2.0.8 didn\u0027t check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or /tmp/keepalived.stats to /etc/passwd."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-06T16:06:34",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306"
        },
        {
          "name": "GLSA-201903-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201903-01"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/acassen/keepalived/issues/1048"
        },
        {
          "name": "RHSA-2019:2285",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2285"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-19044",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "keepalived 2.0.8 didn\u0027t check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or /tmp/keepalived.stats to /etc/passwd."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306",
              "refsource": "MISC",
              "url": "https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306"
            },
            {
              "name": "GLSA-201903-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201903-01"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1015141",
              "refsource": "MISC",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
            },
            {
              "name": "https://github.com/acassen/keepalived/issues/1048",
              "refsource": "MISC",
              "url": "https://github.com/acassen/keepalived/issues/1048"
            },
            {
              "name": "RHSA-2019:2285",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2285"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-19044",
    "datePublished": "2018-11-08T20:00:00",
    "dateReserved": "2018-11-06T00:00:00",
    "dateUpdated": "2024-08-05T11:30:03.571Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-1784
Vulnerability from cvelistv5
Published
2011-05-20 22:00
Modified
2024-08-06 22:37
Severity ?
Summary
The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:37:25.695Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "keepalived-pid-dos(67477)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67477"
          },
          {
            "name": "[debian-security] 20110511 Re: World writable pid and lock files.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.debian.org/debian-security/2011/05/msg00018.html"
          },
          {
            "name": "[debian-security] 20110510 World writable pid and lock files.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.debian.org/debian-security/2011/05/msg00012.html"
          },
          {
            "name": "[oss-security] 20110510 CVE request: keepalived pid file permissions issue",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/05/10/5"
          },
          {
            "name": "47859",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47859"
          },
          {
            "name": "72380",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/72380"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626281"
          },
          {
            "name": "44460",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44460"
          },
          {
            "name": "[oss-security] 20110516 Re: CVE request: keepalived pid file permissions issue",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/05/16/7"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=704039"
          },
          {
            "name": "[debian-security] 20110510 Re: World writable pid and lock files.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.debian.org/debian-security/2011/05/msg00013.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "keepalived-pid-dos(67477)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67477"
        },
        {
          "name": "[debian-security] 20110511 Re: World writable pid and lock files.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.debian.org/debian-security/2011/05/msg00018.html"
        },
        {
          "name": "[debian-security] 20110510 World writable pid and lock files.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.debian.org/debian-security/2011/05/msg00012.html"
        },
        {
          "name": "[oss-security] 20110510 CVE request: keepalived pid file permissions issue",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/05/10/5"
        },
        {
          "name": "47859",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47859"
        },
        {
          "name": "72380",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/72380"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626281"
        },
        {
          "name": "44460",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44460"
        },
        {
          "name": "[oss-security] 20110516 Re: CVE request: keepalived pid file permissions issue",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/05/16/7"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=704039"
        },
        {
          "name": "[debian-security] 20110510 Re: World writable pid and lock files.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.debian.org/debian-security/2011/05/msg00013.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1784",
    "datePublished": "2011-05-20T22:00:00",
    "dateReserved": "2011-04-19T00:00:00",
    "dateUpdated": "2024-08-06T22:37:25.695Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-19115
Vulnerability from cvelistv5
Published
2018-11-08 20:00
Modified
2024-08-05 11:30
Severity ?
Summary
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:30:04.087Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201903-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201903-01"
          },
          {
            "name": "[debian-lts-announce] 20181126 [SECURITY] [DLA-1589-1] keepalived security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00034.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/acassen/keepalived/pull/961"
          },
          {
            "name": "RHSA-2019:0022",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0022"
          },
          {
            "name": "USN-3995-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3995-1/"
          },
          {
            "name": "USN-3995-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3995-2/"
          },
          {
            "name": "RHSA-2019:1792",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1792"
          },
          {
            "name": "RHSA-2019:1945",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1945"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-11-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-30T12:06:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201903-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201903-01"
        },
        {
          "name": "[debian-lts-announce] 20181126 [SECURITY] [DLA-1589-1] keepalived security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00034.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/acassen/keepalived/pull/961"
        },
        {
          "name": "RHSA-2019:0022",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0022"
        },
        {
          "name": "USN-3995-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3995-1/"
        },
        {
          "name": "USN-3995-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3995-2/"
        },
        {
          "name": "RHSA-2019:1792",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1792"
        },
        {
          "name": "RHSA-2019:1945",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1945"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-19115",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201903-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201903-01"
            },
            {
              "name": "[debian-lts-announce] 20181126 [SECURITY] [DLA-1589-1] keepalived security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00034.html"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1015141",
              "refsource": "MISC",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
            },
            {
              "name": "https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9",
              "refsource": "MISC",
              "url": "https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9"
            },
            {
              "name": "https://github.com/acassen/keepalived/pull/961",
              "refsource": "MISC",
              "url": "https://github.com/acassen/keepalived/pull/961"
            },
            {
              "name": "RHSA-2019:0022",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0022"
            },
            {
              "name": "USN-3995-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3995-1/"
            },
            {
              "name": "USN-3995-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3995-2/"
            },
            {
              "name": "RHSA-2019:1792",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1792"
            },
            {
              "name": "RHSA-2019:1945",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1945"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-19115",
    "datePublished": "2018-11-08T20:00:00",
    "dateReserved": "2018-11-08T00:00:00",
    "dateUpdated": "2024-08-05T11:30:04.087Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-19046
Vulnerability from cvelistv5
Published
2018-11-08 20:00
Modified
2024-08-05 11:30
Severity ?
Summary
keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name (e.g., /tmp/keepalived.data or /tmp/keepalived.stats), with read access for the attacker and write access for the keepalived process, then this potentially leaked sensitive information.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:30:04.013Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201903-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201903-01"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/acassen/keepalived/issues/1048"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-11-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "keepalived 2.0.8 didn\u0027t check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name (e.g., /tmp/keepalived.data or /tmp/keepalived.stats), with read access for the attacker and write access for the keepalived process, then this potentially leaked sensitive information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-10T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201903-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201903-01"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/acassen/keepalived/issues/1048"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-19046",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "keepalived 2.0.8 didn\u0027t check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name (e.g., /tmp/keepalived.data or /tmp/keepalived.stats), with read access for the attacker and write access for the keepalived process, then this potentially leaked sensitive information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201903-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201903-01"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1015141",
              "refsource": "MISC",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141"
            },
            {
              "name": "https://github.com/acassen/keepalived/issues/1048",
              "refsource": "MISC",
              "url": "https://github.com/acassen/keepalived/issues/1048"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-19046",
    "datePublished": "2018-11-08T20:00:00",
    "dateReserved": "2018-11-06T00:00:00",
    "dateUpdated": "2024-08-05T11:30:04.013Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-44225
Vulnerability from cvelistv5
Published
2021-11-26 00:00
Modified
2024-08-04 04:17
Severity ?
Summary
In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property.
Impacted products
Vendor Product Version


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:17:24.603Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/acassen/keepalived/pull/2063"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/acassen/keepalived/commit/7977fec0be89ae6fe87405b3f8da2f0b5e415e3d"
          },
          {
            "name": "FEDORA-2021-255eff1bb5",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6O2R6EXURJQFPFPYFWRCZLUYVWQCLSZM/"
          },
          {
            "name": "FEDORA-2021-0cda131052",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5226RYNMNB7FL4MSJDIBBGPUWH6LMRYV/"
          },
          {
            "name": "[debian-lts-announce] 20230410 [SECURITY] [DLA 3388-1] keepalived security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00012.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-10T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/acassen/keepalived/pull/2063"
        },
        {
          "url": "https://github.com/acassen/keepalived/commit/7977fec0be89ae6fe87405b3f8da2f0b5e415e3d"
        },
        {
          "name": "FEDORA-2021-255eff1bb5",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6O2R6EXURJQFPFPYFWRCZLUYVWQCLSZM/"
        },
        {
          "name": "FEDORA-2021-0cda131052",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5226RYNMNB7FL4MSJDIBBGPUWH6LMRYV/"
        },
        {
          "name": "[debian-lts-announce] 20230410 [SECURITY] [DLA 3388-1] keepalived security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00012.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-44225",
    "datePublished": "2021-11-26T00:00:00",
    "dateReserved": "2021-11-25T00:00:00",
    "dateUpdated": "2024-08-04T04:17:24.603Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}