CVE-2013-0281
Summary
| CVE | CVE-2013-0281 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2013-11-23 11:55:00 UTC |
| Updated | 2019-04-22 17:48:00 UTC |
| Description | Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking). |
Risk And Classification
Problem Types: CWE-399
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Clusterlabs | Pacemaker | 1.1.10 | All | All | All |
| Application | Clusterlabs | Pacemaker | 1.1.10 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| High: core: Internal tls api improvements for reuse with future LRMD … · ClusterLabs/pacemaker@564f7cc · GitHub | CONFIRM | github.com | Exploit, Patch |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Vendor Advisory |
| Bug 891922 – CVE-2013-0281 pacemaker: remote DoS when CIB management is enabled caused by use of blocking sockets | CONFIRM | bugzilla.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.