CVE-2015-5189 Information

Description

Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.

Reference

http://rhn.redhat.com/errata/RHSA-2015-1700.html https://bugzilla.redhat.com/show_bug.cgi?id=1252805