Showing 1 - 3 of 3

CVE-2020-15113

Status Candidate

Overview

In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatically generate self-signed certificates for TLS connections with clients) with restricted access permissions (700) by using the os.MkdirAll. This function does not perform any permission checks when a given directory path exists already. A possible workaround is to ensure the directories have the desired permission (700).

Related Files

Ubuntu Security Notice USN-5628-1: Posted Sep 22, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5628-1 - It was discovered that etcd incorrectly handled certain specially crafted WAL files. An attacker could possibly use this issue to cause a denial of service. It was discovered that etcd incorrectly handled directory permissions when trying to create a directory that exists already. An attacker could possibly use this issue to obtain sensitive information. It was discovered that etcd incorrectly handled endpoint setup. An attacker could possibly use this issue to cause a denial of service.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2020-15106, CVE-2020-15113, CVE-2020-15114; SHA-256 | 28f2da782ea003139da2e8040d034ae2b2f3198ce124812a6471f98fc2cbaab1; Download | Favorite | View

Red Hat Security Advisory 2021-2438-01: Posted Jul 28, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-2438-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, denial of service, open redirection, resource exhaustion, and remote shell upload vulnerabilities.; tags | advisory, remote, denial of service, shell, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2016-2183, CVE-2020-15106, CVE-2020-15112, CVE-2020-15113, CVE-2020-15114, CVE-2020-15136, CVE-2020-26160, CVE-2020-26541, CVE-2020-28469, CVE-2020-28500, CVE-2020-28852, CVE-2020-7774, CVE-2021-20206, CVE-2021-20271, CVE-2021-20291, CVE-2021-21419, CVE-2021-21623, CVE-2021-21639, CVE-2021-21640, CVE-2021-21648, CVE-2021-22133, CVE-2021-23337, CVE-2021-23362, CVE-2021-23368, CVE-2021-23382, CVE-2021-25735; SHA-256 | 44f1588b77c38919a903c4dffe0b5b58cf96f91a447694471f228851a5f89f6d; Download | Favorite | View

Red Hat Security Advisory 2021-0916-01: Posted Mar 18, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0916-01 - A highly-available key value store for shared configuration. Issues addressed include denial of service and resource exhaustion vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2020-15106, CVE-2020-15112, CVE-2020-15113, CVE-2020-15114, CVE-2020-15115, CVE-2020-15136; SHA-256 | 0bdcf046f9fdb59ea9e694ecb80852f244b005d8a32739b4fe9cd5226b0bc65e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2020-15113

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems