Oval Definition:oval:org.opensuse.security:def:20181112
Revision Date:2021-06-25Version:1
Title:CVE-2018-1112
Description:

glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-1112
openSUSE-SU-2020:0079-1
Mitre CVE-2018-1112
SUSE CVE-2018-1112
openSUSE-SU-2020:0079-1
Platform(s):openSUSE Leap 15.1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • glusterfs-3.12.15-lp151.3.3.1 is installed
  • AND glusterfs is signed with openSUSE key
  • OR
  • glusterfs-devel-3.12.15-lp151.3.3.1 is installed
  • AND glusterfs-devel is signed with openSUSE key
  • OR
  • libgfapi0-3.12.15-lp151.3.3.1 is installed
  • AND libgfapi0 is signed with openSUSE key
  • OR
  • libgfchangelog0-3.12.15-lp151.3.3.1 is installed
  • AND libgfchangelog0 is signed with openSUSE key
  • OR
  • libgfdb0-3.12.15-lp151.3.3.1 is installed
  • AND libgfdb0 is signed with openSUSE key
  • OR
  • libgfrpc0-3.12.15-lp151.3.3.1 is installed
  • AND libgfrpc0 is signed with openSUSE key
  • OR
  • libgfxdr0-3.12.15-lp151.3.3.1 is installed
  • AND libgfxdr0 is signed with openSUSE key
  • OR
  • libglusterfs0-3.12.15-lp151.3.3.1 is installed
  • AND libglusterfs0 is signed with openSUSE key
  • OR
  • python-gluster-3.12.15-lp151.3.3.1 is installed
  • AND python-gluster is signed with openSUSE key
    • BACK