CVE-2013-0281
Published 2013-11-23
Priority: P4 (20), medium
CVSS 2.0: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
EPSS: 3.00% (85.7th percentile)
Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking).
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clusterlabs | pacemaker | — | — |
| clusterlabs | pacemaker | >= 0 < 1.1.10-1 | 1.1.10-1 |
| debian | pacemaker | < pacemaker 1.1.10-1 (bookworm) | pacemaker 1.1.10-1 (bookworm) |
| redhat | enterprise_linux | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
| osv | — | 4.3 | MEDIUM | — |
| vendor_debian | — | 4.3 | LOW | — |
| vendor_redhat | — | 4.3 | MEDIUM | — |
GHSA
GHSA-9mhm-24f3-gp3v: Pacemaker 1
ghsa_unreviewed · 2022-05-05 · MEDIUM
OSV
CVE-2013-0281: Pacemaker 1
osv · 2013-11-23 · CVSS 4.3 · MEDIUM
Red Hat
pacemaker: remote DoS when CIB management is enabled caused by use of blocking sockets
vendor_redhat · 2013-02-14 · CVSS 4.3 · MEDIUM
Debian
CVE-2013-0281: pacemaker - Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or re...
vendor_debian · 2013 · CVSS 4.3 · MEDIUM
Scope: local
bookworm: resolved (fixed in 1.1.10-1)
bullseye: resolved (fixed in 1.1.10-1)
forky: resolved (fixed in 1.1.10-1)
sid: resolved (fixed in 1.1.10-1)
trixie: resolved (fixed in 1.1.10-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2013-0281 pacemaker: Denial of service when remote CIB management enabled due to use of no-timeout blocking socket to wait for the arrival of the authentication credentials [fedora-all]
bugzilla · 2013-02-14 · CVSS 4.3 · MEDIUM

This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora.

For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field.

For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs

When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs.

Please also mention the
Bugzilla
CVE-2013-0281 pacemaker: remote DoS when CIB management is enabled caused by use of blocking sockets
bugzilla · 2013-01-04 · CVSS 4.3 · MEDIUM

A denial of service flaw was found in the way Pacemaker, an advanced, scalable high-availability cluster resource manager for Linux-HA (Heartbeat) and/or Corosync, performed authentication and processing of remote connections in certain circumstances. In general, Pacemaker used a blocking socket (without a timeout) to wait for authentication credentials to arrive. When Pacemaker was configured to allow remote Cluster Information Base (CIB) cluster configuration / cluster resource management, a remote attacker could use this flaw to cause Pacemaker to block indefinitely (preventing it from serving other requests).

Important Note: In the default configuration of Pacemaker in Red Hat E
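The flaw described above is a listener that blocks on a read with no deadline while waiting for a client's credentials, so one idle connection stalls the service. As an added illustration (not Pacemaker's code and not the upstream fix), this C snippet shows the bounded-wait pattern a reviewer expects in such a listener: poll() enforces a deadline before the read. The socketpair demo, the 100 ms timeout and the "user:pass" payload are constructed for the example.

```c
#include <errno.h>
#include <poll.h>
#include <stddef.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Flawed pattern (not called here): read(fd, buf, len) on a blocking socket
 * with no deadline, so a client that connects and sends nothing holds the
 * listener indefinitely.
 *
 * Bounded form: wait at most timeout_ms for the credentials to arrive.
 * Returns bytes read (>0), 0 if the peer closed, -1 on error,
 * or -2 if the deadline passed with nothing received. */
ssize_t recv_credentials_bounded(int fd, char *buf, size_t len, int timeout_ms)
{
    struct pollfd pfd;
    int rc;

    pfd.fd = fd;
    pfd.events = POLLIN;
    do {
        rc = poll(&pfd, 1, timeout_ms);   /* simplification: EINTR restarts the full timeout */
    } while (rc < 0 && errno == EINTR);
    if (rc < 0)
        return -1;
    if (rc == 0)
        return -2;   /* timed out: the caller should close fd and keep serving others */
    return read(fd, buf, len);
}

/* Constructed demo: a connected socket pair stands in for the accepted client
 * connection. client_sends selects a cooperative client (credentials arrive)
 * or an idle one (nothing ever arrives). */
int demo(int client_sends)
{
    int sv[2];
    char buf[64];
    ssize_t n;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;
    if (client_sends && write(sv[0], "user:pass\n", 10) != 10) {
        close(sv[0]);
        close(sv[1]);
        return -1;
    }
    n = recv_credentials_bounded(sv[1], buf, sizeof buf, 100 /* ms, constructed */);
    close(sv[0]);
    close(sv[1]);
    return (int)n;   /* 10 for the cooperative client, -2 for the idle one */
}
```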
References
- http://rhn.redhat.com/errata/RHSA-2013-1635.html
- https://bugzilla.redhat.com/show_bug.cgi?id=891922
- https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93