exploit the possibilities
Showing 1 - 8 of 8 RSS Feed

CVE-2018-10855

Status Candidate

Overview

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.

Related Files

Debian Security Advisory 4396-1
Posted Feb 20, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4396-1 - Several vulnerabilities have been found in Ansible, a configuration management, deployment, and task execution system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2018-10855, CVE-2018-10875, CVE-2018-16837, CVE-2018-16876, CVE-2019-3828
MD5 | e731970af38b8a949348da84d1ee14ec
Red Hat Security Advisory 2019-0054-01
Posted Jan 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0054-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include code execution and information leakage vulnerabilities.

tags | advisory, remote, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-10855, CVE-2018-10874, CVE-2018-10875
MD5 | ce0ec5ec5a1a30a4008850c12fe6b6be
Red Hat Security Advisory 2018-2585-01
Posted Aug 29, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2585-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include code execution and information leakage vulnerabilities.

tags | advisory, remote, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-10855, CVE-2018-10874, CVE-2018-10875
MD5 | 38877723c006274973145d6e4810d71f
Red Hat Security Advisory 2018-2184-01
Posted Jul 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2184-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security fix: ansible: Failed tasks do not honour no_log option allowing for secrets to be disclosed in logs Issues addressed include an information leakage vulnerability.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2018-10855
MD5 | c5d3d6f4de0a1d1ab0c9c8776805feee
Red Hat Security Advisory 2018-2079-01
Posted Jun 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2079-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-10855
MD5 | 978e16b595a95886dddb95de2ada68c3
Red Hat Security Advisory 2018-2022-01
Posted Jun 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2022-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-10855
MD5 | 933af30ec35fe9bc049d8875961f297e
Red Hat Security Advisory 2018-1949-01
Posted Jun 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1949-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-10855
MD5 | d387dece9bedeed11922b58ec59682ee
Red Hat Security Advisory 2018-1948-01
Posted Jun 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1948-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2018-10855
MD5 | 6f96d2d8e4f8ecabca49d752d66a2f8e
Page 1 of 1
Back1Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    18 Files
  • 18
    Jun 18th
    16 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close