Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-5556-1

Ubuntu Security Notice 5556-1 - It was discovered that Booth incorrectly handled user authentication. An attacker could use this vulnerability to cause a denial of service.

Packet Storm
#vulnerability#ubuntu#dos#auth
=========================================================================Ubuntu Security Notice USN-5556-1August 09, 2022booth vulnerability=========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Booth could be made to be stop working under certain circumstances.Software Description:- booth: Cluster Ticket ManagerDetails:It was discovered that Booth incorrectly handled user authentication. Anattacker could use this vulnerability to cause a denial of service.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:  booth                           1.0-237-gdd88847-4ubuntu2.2Ubuntu 20.04 LTS:  booth                           1.0-174-gce9f821-1ubuntu0.2In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-5556-1  CVE-2022-2553Package Information:  https://launchpad.net/ubuntu/+source/booth/1.0-237-gdd88847-4ubuntu2.2  https://launchpad.net/ubuntu/+source/booth/1.0-174-gce9f821-1ubuntu0.2

Related news

Red Hat Security Advisory 2022-6580-01

Red Hat Security Advisory 2022-6580-01 - The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network. Tickets facilitated by a Booth formation are the units of authorization that can be bound to certain resources. This will ensure that the resources are run at only one site at a time.

RHSA-2022:6580: Red Hat Security Advisory: booth security update

An update for booth is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2553: booth: authfile directive in booth config file is completely ignored.

Red Hat Security Advisory 2022-6439-01

Red Hat Security Advisory 2022-6439-01 - The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network. Tickets facilitated by a Booth formation are the units of authorization that can be bound to certain resources. This will ensure that the resources are run at only one site at a time.

RHSA-2022:6439: Red Hat Security Advisory: booth security update

An update for booth is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2553: booth: authfile directive in booth config file is completely ignored.

Red Hat Security Advisory 2022-6250-01

Red Hat Security Advisory 2022-6250-01 - The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network. Tickets facilitated by a Booth formation are the units of authorization that can be bound to certain resources. This will ensure that the resources are run at only one site at a time.

RHSA-2022:6250: Red Hat Security Advisory: booth security update

An update for booth is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2553: booth: authfile directive in booth config file is completely ignored.

CVE-2022-2553: Revert "Refactor: main: substitute is_auth_req macro" · ClusterLabs/booth@35bf0b7

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution