exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2019-10156

Status Candidate

Overview

A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.

Related Files

Debian Security Advisory 4950-1
Posted Aug 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4950-1 - Several vulnerabilities have been found in Ansible, a configuration management, deployment and task execution system, which could result in information disclosure or argument injection. In addition a race condition in become_user was fixed.

tags | advisory, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2019-10156, CVE-2019-10206, CVE-2019-14846, CVE-2019-14864, CVE-2019-14904, CVE-2020-10684, CVE-2020-10685, CVE-2020-10729, CVE-2020-14330, CVE-2020-14332, CVE-2020-14365, CVE-2020-1733, CVE-2020-1735, CVE-2020-1739
SHA-256 | ebc20b43ab01a59fe77b2563453e04e2e0c224cd419dac6ce5d62cf99236915e
Red Hat Security Advisory 2019-3789-01
Posted Nov 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3789-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include information leakage and traversal vulnerabilities.

tags | advisory, remote, vulnerability
systems | linux, redhat
advisories | CVE-2019-10156, CVE-2019-10206, CVE-2019-3828
SHA-256 | 5fba3daa955457daa792f7cc77f588da395cd01388ca5032d2a072a9b3d02de4
Red Hat Security Advisory 2019-3744-01
Posted Nov 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3744-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include information leakage and traversal vulnerabilities.

tags | advisory, remote, vulnerability
systems | linux, redhat
advisories | CVE-2019-10156, CVE-2019-10206, CVE-2019-3828
SHA-256 | 19dfbe0b0631d6ee801a6300eacdd4c9c6e7fc627fe06a7837c05d5dc559e07f
Ubuntu Security Notice USN-4072-1
Posted Jul 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4072-1 - It was discovered that Ansible failed to properly handle sensitive information. A local attacker could use those vulnerabilities to extract them. It was discovered that Ansible could load configuration files from the current working directory containing crafted commands. An attacker could run arbitrary code as result. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-7481, CVE-2018-10855, CVE-2018-10874, CVE-2018-10875, CVE-2018-16837, CVE-2018-16876, CVE-2019-10156, CVE-2019-3828
SHA-256 | 067d7fa1810947a5a71e4e63c60c2cf15d329e2fb5336677d77831ac4b96d497
Red Hat Security Advisory 2019-1707-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1707-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
SHA-256 | d2d340b8f33db9a26a1f1a975019abdf644038e3c5525032c848794775f1ad0b
Red Hat Security Advisory 2019-1708-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1708-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
SHA-256 | 57a847fc6a8b35e919b74b88de4f8cbe46882f89a4436455399d3ad8c6664790
Red Hat Security Advisory 2019-1706-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1706-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
SHA-256 | 7d1a35aa4fb2820bc00bf384f587e5755de53b50bc2c423cdcb6932afec5635a
Red Hat Security Advisory 2019-1705-01
Posted Jul 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1705-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2019-10156
SHA-256 | 5e637e5f1ceee288a70ecd2eed5cb096336f105a9d84e897401aa9c0642b7acc
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close