| Vulnerability Name: | CVE-2009-4261 (CCN-54931) | ||||||||||||||||
| Assigned: | 2009-12-17 | ||||||||||||||||
| Published: | 2009-12-17 | ||||||||||||||||
| Updated: | 2018-10-10 | ||||||||||||||||
| Summary: | Multiple directory traversal vulnerabilities in the iallocator framework in Ganeti 1.2.4 through 1.2.8, 2.0.0 through 2.0.4, and 2.1.0 before 2.1.0~rc2 allow (1) remote attackers to execute arbitrary programs via a crafted external script name supplied through the HTTP remote API (RAPI) and allow (2) local users to execute arbitrary programs and gain privileges via a crafted external script name supplied through a gnt-* command, related to "path sanitization errors." | ||||||||||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||||||||||
| Vulnerability Type: | CWE-22 | ||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||
| References: | Source: CCN Type: ganeti Web site Ganeti Source: MITRE Type: CNA CVE-2009-4261 Source: CONFIRM Type: UNKNOWN http://git.ganeti.org/?p=ganeti.git;a=blobdiff;f=lib/constants.py;h=81302575487a44ed192e61aa7b21888a215ef215;hp=c353878ed83ce66d21c237da5e709dedd7b6f26b;hb=0084657a21afb49c6f74498f27b97dfdbc42b383;hpb=d24cb69273e4b03ffcd4e4768d95841b5570e264 Source: CONFIRM Type: UNKNOWN http://git.ganeti.org/?p=ganeti.git;a=blobdiff;f=lib/utils.py;h=bcd8e107bbc44ff94a4bc3dc405b5547719f001d;hp=df2d18027e83b7783e146cbbe58f7efa92317980;hb=f95c81bf21c177f7e6a2c53ea0613034326329bd;hpb=4fe80ef2ed1cda3a6357274eccafe5c1f21a5283 Source: CONFIRM Type: UNKNOWN http://git.ganeti.org/?p=ganeti.git;a=blobdiff;f=NEWS;h=34b46426eca82c351e0a478c71edb66b9bb4b228;hp=7f916c59238503915e927377d887b93eef1f676c;hb=e5823b7e2cd8a3c9037a10aa59823a45642ce29f;hpb=f95c81bf21c177f7e6a2c53ea0613034326329bd Source: CONFIRM Type: UNKNOWN http://git.ganeti.org/?p=ganeti.git;a=commit;h=f95c81bf21c177f7e6a2c53ea0613034326329bd Source: CONFIRM Type: Patch http://groups.google.com/group/ganeti/browse_thread/thread/cbce23d89103a8d2 Source: CCN Type: SA37849 Ganeti "iallocator" Names Arbitrary Command Execution Vulnerability Source: SECUNIA Type: Vendor Advisory 37849 Source: DEBIAN Type: DSA-1959 ganeti -- missing input sanitation Source: CCN Type: oCERT #2009-019 Ganeti path sanitization errors Source: MISC Type: UNKNOWN http://www.ocert.org/advisories/ocert-2009-019.html Source: MLIST Type: UNKNOWN [oss-security] 20091217 [oCERT-2009-019] Ganeti path sanitization errors Source: CCN Type: OSVDB ID: 61204 Ganeti iallocator Name Validation Arbitrary Command Execution Source: BUGTRAQ Type: UNKNOWN 20091217 [Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors Source: CCN Type: BID-37422 Ganeti Arbitrary Command Execution Vulnerability Source: VUPEN Type: Vendor Advisory ADV-2009-3599 Source: XF Type: UNKNOWN ganeti-iallocator-command-execution(54931) | ||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||||||
| Oval Definitions | |||||||||||||||||
| |||||||||||||||||
| BACK | |||||||||||||||||