PT-2017-6151 · Netcf+3 · Netcf+3

Published

2015-06-24

Updated

2019-04-22

CVE-2014-8119

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: netcf versions prior to 0.2.7

Description: The issue concerns the find ifcfg path function in netcf, which might allow attackers to cause a denial of service, resulting in an application crash. This can be achieved via vectors involving augeas path expressions.

Recommendations: For versions prior to 0.2.7, update to version 0.2.7 or later to resolve the issue.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CESA-2015_2248

CVE-2014-8119

RHSA-2015:2248

RHSA-2015_2248

SUSE-SU-2015:1249-1

SUSE-SU-2015:1792-1

SUSE-SU-2015_1249-1

SUSE-SU-2015_1792-1

SUSE-SU-2018:0653-1

SUSE-SU-2018_0653-1

Affected Products

Centos

Red Hat

Suse

Netcf

PT-2017-6151 · Netcf+3 · Netcf+3

CVE-2014-8119

Weakness Enumeration

Related Identifiers

Affected Products

References · 34