exploit the possibilities
Showing 1 - 6 of 6 RSS Feed

CVE-2020-1753

Status Candidate

Overview

A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.

Related Files

Gentoo Linux Security Advisory 202008-20
Posted Aug 31, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202008-20 - Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which could result in the arbitrary execution of code. Versions less than 9.52 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-15900, CVE-2020-16287, CVE-2020-16288, CVE-2020-16289, CVE-2020-16290, CVE-2020-16291, CVE-2020-16292, CVE-2020-16293, CVE-2020-16294, CVE-2020-16295, CVE-2020-16296, CVE-2020-16297, CVE-2020-16298, CVE-2020-16299, CVE-2020-16300, CVE-2020-16301, CVE-2020-16302, CVE-2020-16303, CVE-2020-16304, CVE-2020-16305, CVE-2020-16306, CVE-2020-16307, CVE-2020-16308, CVE-2020-16309, CVE-2020-16310, CVE-2020-17538
MD5 | 83377a4675a26eafbe579f5ad0fce200
Ubuntu Security Notice USN-4469-1
Posted Aug 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4469-1 - It was discovered that Ghostscript incorrectly handled certain document files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-16287, CVE-2020-16291, CVE-2020-16295, CVE-2020-16299, CVE-2020-16303, CVE-2020-16307, CVE-2020-17538
MD5 | 2d9bb0274240c392bfc66cd2aee77609
Gentoo Linux Security Advisory 202006-11
Posted Jun 12, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202006-11 - Multiple vulnerabilities have been found in Ansible, the worst of which could result in the arbitrary execution of code. Versions less than 2.9.7 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-10684, CVE-2020-10685, CVE-2020-1733, CVE-2020-1735, CVE-2020-1736, CVE-2020-1737, CVE-2020-1738, CVE-2020-1740, CVE-2020-1753
MD5 | dec0bd00f521b67664a567de2b75d5ad
Red Hat Security Advisory 2020-2142-01
Posted May 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2142-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2020-1753
MD5 | d7c022c3ac2c293da366dd6791c3f81a
Red Hat Security Advisory 2020-1541-01
Posted Apr 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1541-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include information leakage, password leak, and traversal vulnerabilities.

tags | advisory, remote, vulnerability
systems | linux, redhat
advisories | CVE-2020-10684, CVE-2020-10685, CVE-2020-10691, CVE-2020-1733, CVE-2020-1735, CVE-2020-1737, CVE-2020-1739, CVE-2020-1740, CVE-2020-1746, CVE-2020-1753
MD5 | c12c793425e1c1eef49a875912b4653a
Red Hat Security Advisory 2020-1542-01
Posted Apr 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1542-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include information leakage, password leak, and traversal vulnerabilities.

tags | advisory, remote, vulnerability
systems | linux, redhat
advisories | CVE-2020-10684, CVE-2020-10685, CVE-2020-10691, CVE-2020-1733, CVE-2020-1735, CVE-2020-1737, CVE-2020-1739, CVE-2020-1740, CVE-2020-1746, CVE-2020-1753
MD5 | 01c2de852ac447419a44c3c05a59d05a
Page 1 of 1
Back1Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    33 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close