CVE-2014-5247 Information
Description
The _UpgradeBeforeConfigurationChange function in lib/client/gnt_cluster.py in Ganeti 2.10.0 before 2.10.7 and 2.11.0 before 2.11.5 uses world-readable permissions for the configuration backup file which allows local users to obtain SSL keys remote API credentials and other sensitive information by reading the file related to the upgrade command.
Reference
http://git.ganeti.org/?p=ganeti.git;a=commit;h=a89f62e2db9ccf715d64d1a6322474b54d2d9ae0 http://packetstormsecurity.com/files/127851/Ganeti-Insecure-Archive-Permission.html http://seclists.org/oss-sec/2014/q3/370 http://www.ocert.org/advisories/ocert-2014-006.html http://www.securityfocus.com/archive/1/533119/100/0/threaded http://www.securityfocus.com/bid/69186 https://exchange.xforce.ibmcloud.com/vulnerabilities/95256
Share on: