Redhat Enterprise Mrg vulnerabilities

CVE-2015-7837 [MEDIUM] CWE-254 CVE-2015-7837: The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when bo The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.

CVE-2015-7553 [MEDIUM] CWE-362 CVE-2015-7553: Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets.

CVE-2016-3699 [HIGH] CWE-264 CVE-2016-3699: The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when boot The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.

CVE-2016-4470 [MEDIUM] CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not e The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

CVE-2015-1350 [MEDIUM] CWE-552 CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr ope The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the pin

CVE-2015-2922 [LOW] CWE-17 CVE-2015-2922: The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol impl The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

CVE-2014-3673 [HIGH] CWE-20 CVE-2014-3673: The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.

CVE-2014-3687 [HIGH] CWE-400 CVE-2014-3687: The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.

CVE-2012-2682 [MEDIUM] CWE-20 CVE-2012-2682: Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with cer Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link.

CVE-2014-0174 [MEDIUM] CWE-200 CVE-2014-0174: Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTP Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3940 [MEDIUM] CWE-362 CVE-2014-3940: The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which al The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.

CVE-2014-3917 [LOW] CWE-200 CVE-2014-3917: kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certai kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.

CVE-2013-6445 [MEDIUM] CWE-310 CVE-2013-6445: Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack.

CVE-2011-4930 [MEDIUM] CWE-134 CVE-2011-4930: Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x ver Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hol

CVE-2013-4461 [HIGH] CWE-89 CVE-2013-4461: SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."

CVE-2013-4404 [MEDIUM] CWE-264 CVE-2013-4404: cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote a cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors.

CVE-2013-4414 [MEDIUM] CWE-79 CVE-2013-4414: Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Gr Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form.

CVE-2013-4405 [MEDIUM] CWE-352 CVE-2013-4405: Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface for cumin in Red Hat Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allow remote attackers to hijack the authentication of cumin users for unspecified requests.

CVE-2009-5136 [MEDIUM] CWE-20 CVE-2009-5136: The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.

CVE-2013-4255 [LOW] CWE-20 CVE-2013-4255: The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attribu The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.