CVE-2016-7035

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-7035

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7035.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-7035

Related

Published

2018-09-10T16:29:00Z

Modified

2025-01-15T01:15:14.740491Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.

References

Affected packages

Debian:11 / pacemaker

Package

Name: pacemaker
Purl: pkg:deb/debian/pacemaker?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.15-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / pacemaker

Package

Name: pacemaker
Purl: pkg:deb/debian/pacemaker?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.15-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / pacemaker

Package

Name: pacemaker
Purl: pkg:deb/debian/pacemaker?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.15-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/clusterlabs/pacemaker

Affected ranges

Type: GIT
Repo: https://github.com/clusterlabs/pacemaker
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

5d71e65049

Fixed

5d71e65049

Affected versions

Pacemaker-0.*

Pacemaker-0.6.0

Pacemaker-0.6.1

Pacemaker-0.6.2

Pacemaker-0.6.3

Pacemaker-0.6.4

Pacemaker-0.6.5

Pacemaker-0.6.6

Pacemaker-0.7.0

Pacemaker-0.7.3

Pacemaker-1.*

Pacemaker-1.0.0

Pacemaker-1.0.1

Pacemaker-1.0.2

Pacemaker-1.0.3

Pacemaker-1.0.4

Pacemaker-1.0.5

Pacemaker-1.0.6

Pacemaker-1.0.7

Pacemaker-1.0.8

Pacemaker-1.1.0

Pacemaker-1.1.1

Pacemaker-1.1.10

Pacemaker-1.1.10-rc1

Pacemaker-1.1.10-rc2

Pacemaker-1.1.10-rc3

Pacemaker-1.1.10-rc4

Pacemaker-1.1.10-rc5

Pacemaker-1.1.10-rc6

Pacemaker-1.1.10-rc7

Pacemaker-1.1.11

Pacemaker-1.1.11-rc1

Pacemaker-1.1.11-rc2

Pacemaker-1.1.11-rc3

Pacemaker-1.1.11-rc4

Pacemaker-1.1.11-rc5

Pacemaker-1.1.12

Pacemaker-1.1.12-rc1

Pacemaker-1.1.12-rc2

Pacemaker-1.1.12-rc3

Pacemaker-1.1.12-rc4

Pacemaker-1.1.13

Pacemaker-1.1.13-rc1

Pacemaker-1.1.13-rc2

Pacemaker-1.1.13-rc3

Pacemaker-1.1.14

Pacemaker-1.1.14-rc1

Pacemaker-1.1.14-rc2

Pacemaker-1.1.14-rc3

Pacemaker-1.1.14-rc4

Pacemaker-1.1.14-rc5

Pacemaker-1.1.15

Pacemaker-1.1.15-rc1

Pacemaker-1.1.15-rc2

Pacemaker-1.1.15-rc3

Pacemaker-1.1.15-rc4

Pacemaker-1.1.2

Pacemaker-1.1.2.1

Pacemaker-1.1.3

Pacemaker-1.1.4

Pacemaker-1.1.5

Pacemaker-1.1.6

Pacemaker-1.1.6.1

Pacemaker-1.1.7

Pacemaker-1.1.8

Pacemaker-1.1.9

RHEL6.*

RHEL6.3

RHEL6.4

Other

SLE11-HAE-GMC

pacemaker-1.*

pacemaker-1.1.2-6.el6