RHEL 6：openshift (RHSA-2014:0487)

critical Nessus Plugin ID 119440

語系：

概要

遠端 Red Hat 主機缺少一個或多個安全性更新。

說明

現已提供 Red Hat OpenShift Enterprise 2.1 版，可修正一個安全性問題、數個錯誤，並包含多個增強功能。Red Hat 安全性回應團隊已將此更新評等為具有重要安全性影響。可從〈參照〉一節的 CVE 連結中取得常見弱點評分系統 (CVSS) 的基本分數，其中包含有關嚴重性評等的詳細資訊。Red Hat 的 OpenShift Enterprise 是該公司的雲端運算平台即服務 (PaaS) 解決方案，專門針對內部部署或私有雲端部署而設計。據發現，如果在安裝期間未指定使用者名稱或密碼，openshift-origin-broker 會為服務設定數個預設使用者名稱和密碼。遠端攻擊者可利用這些預設使用者名稱和密碼，以系統管理使用者的權限，存取 OpenShift Enterprise 安裝的多個部分。(CVE-2014-0234) 此問題是由 Red Hat 安全性回應團隊的 Kurt Seifried 所發現的。OpenShift Enterprise 2.1 版本資訊可提供本版本中的新功能和明顯技術變更的相關資訊，以及初始安裝的注意事項。如需 OpenShift Enterprise 的相關資訊，請參閱可在下列網址取得的文件：https://access.redhat.com/site/documentation/en-US/OpenShift_Enterpris e/2/ 建議所有 OpenShift Enterprise 使用者皆升級至 2.1 版。

解決方案

更新受影響的套件。

另請參閱

http://www.nessus.org/u?9bdbd3f6

https://access.redhat.com/errata/RHSA-2014:0487

https://access.redhat.com/security/cve/cve-2014-0234

Plugin 詳細資訊

嚴重性: Critical

ID: 119440

檔案名稱: redhat-RHSA-2014-0487.nasl

版本: 1.10

類型: local

代理程式: unix

系列: Red Hat Local Security Checks

已發布: 2018/12/6

已更新: 2021/1/14

支援的感應器: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

風險資訊

VPR

風險因素: Medium

分數: 6.7

CVSS v2

風險因素: High

基本分數: 7.5

時間分數: 5.5

媒介: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

風險因素: Critical

基本分數: 9.8

時間分數: 8.5

媒介: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

時間媒介: CVSS:3.0/E:U/RL:O/RC:C

弱點資訊

CPE: p-cpe:/a:redhat:enterprise_linux:charls, p-cpe:/a:redhat:enterprise_linux:charls-debuginfo, p-cpe:/a:redhat:enterprise_linux:charls-devel, p-cpe:/a:redhat:enterprise_linux:imagemagick-debuginfo, p-cpe:/a:redhat:enterprise_linux:imagemagick-devel, p-cpe:/a:redhat:enterprise_linux:imagemagick-doc, p-cpe:/a:redhat:enterprise_linux:imagemagick-perl, p-cpe:/a:redhat:enterprise_linux:activemq, p-cpe:/a:redhat:enterprise_linux:activemq-client, p-cpe:/a:redhat:enterprise_linux:armadillo, p-cpe:/a:redhat:enterprise_linux:armadillo-debuginfo, p-cpe:/a:redhat:enterprise_linux:armadillo-devel, p-cpe:/a:redhat:enterprise_linux:atlas-debuginfo, p-cpe:/a:redhat:enterprise_linux:atlas-devel, p-cpe:/a:redhat:enterprise_linux:blas-devel, p-cpe:/a:redhat:enterprise_linux:cfitsio, p-cpe:/a:redhat:enterprise_linux:cfitsio-debuginfo, p-cpe:/a:redhat:enterprise_linux:cfitsio-devel, p-cpe:/a:redhat:enterprise_linux:cfitsio-docs, p-cpe:/a:redhat:enterprise_linux:cfitsio-static, p-cpe:/a:redhat:enterprise_linux:facter, p-cpe:/a:redhat:enterprise_linux:freexl, p-cpe:/a:redhat:enterprise_linux:freexl-debuginfo, p-cpe:/a:redhat:enterprise_linux:freexl-devel, p-cpe:/a:redhat:enterprise_linux:gd-debuginfo, p-cpe:/a:redhat:enterprise_linux:gd-devel, p-cpe:/a:redhat:enterprise_linux:gdal, p-cpe:/a:redhat:enterprise_linux:gdal-debuginfo, p-cpe:/a:redhat:enterprise_linux:gdal-devel, p-cpe:/a:redhat:enterprise_linux:gdal-doc, p-cpe:/a:redhat:enterprise_linux:gdal-java, p-cpe:/a:redhat:enterprise_linux:gdal-javadoc, p-cpe:/a:redhat:enterprise_linux:gdal-libs, p-cpe:/a:redhat:enterprise_linux:gdal-perl, p-cpe:/a:redhat:enterprise_linux:gdal-python, p-cpe:/a:redhat:enterprise_linux:gdal-ruby, p-cpe:/a:redhat:enterprise_linux:geos, p-cpe:/a:redhat:enterprise_linux:geos-debuginfo, p-cpe:/a:redhat:enterprise_linux:geos-devel, p-cpe:/a:redhat:enterprise_linux:ghostscript-debuginfo, p-cpe:/a:redhat:enterprise_linux:ghostscript-devel, p-cpe:/a:redhat:enterprise_linux:ghostscript-doc, p-cpe:/a:redhat:enterprise_linux:gpsbabel, p-cpe:/a:redhat:enterprise_linux:gpsbabel-debuginfo, p-cpe:/a:redhat:enterprise_linux:haproxy, p-cpe:/a:redhat:enterprise_linux:haproxy-debuginfo, p-cpe:/a:redhat:enterprise_linux:haproxy15side, p-cpe:/a:redhat:enterprise_linux:haproxy15side-debuginfo, p-cpe:/a:redhat:enterprise_linux:hdf5, p-cpe:/a:redhat:enterprise_linux:hdf5-debuginfo, p-cpe:/a:redhat:enterprise_linux:hdf5-devel, p-cpe:/a:redhat:enterprise_linux:hdf5-mpich2, p-cpe:/a:redhat:enterprise_linux:hdf5-mpich2-devel, p-cpe:/a:redhat:enterprise_linux:hdf5-mpich2-static, p-cpe:/a:redhat:enterprise_linux:hdf5-openmpi, p-cpe:/a:redhat:enterprise_linux:hdf5-openmpi-devel, p-cpe:/a:redhat:enterprise_linux:hdf5-openmpi-static, p-cpe:/a:redhat:enterprise_linux:hdf5-static, p-cpe:/a:redhat:enterprise_linux:icu-debuginfo, p-cpe:/a:redhat:enterprise_linux:jasper-debuginfo, p-cpe:/a:redhat:enterprise_linux:jasper-devel, p-cpe:/a:redhat:enterprise_linux:jboss-eap6-index, p-cpe:/a:redhat:enterprise_linux:jboss-eap6-modules, p-cpe:/a:redhat:enterprise_linux:jboss-openshift-metrics-module, p-cpe:/a:redhat:enterprise_linux:jenkins, p-cpe:/a:redhat:enterprise_linux:jenkins-plugin-openshift, p-cpe:/a:redhat:enterprise_linux:js, p-cpe:/a:redhat:enterprise_linux:js-debuginfo, p-cpe:/a:redhat:enterprise_linux:js-devel, p-cpe:/a:redhat:enterprise_linux:json-c, p-cpe:/a:redhat:enterprise_linux:json-c-debuginfo, p-cpe:/a:redhat:enterprise_linux:json-c-devel, p-cpe:/a:redhat:enterprise_linux:json-c-doc, p-cpe:/a:redhat:enterprise_linux:jython, p-cpe:/a:redhat:enterprise_linux:jython-debuginfo, p-cpe:/a:redhat:enterprise_linux:jython-demo, p-cpe:/a:redhat:enterprise_linux:jython-javadoc, p-cpe:/a:redhat:enterprise_linux:jython-manual, p-cpe:/a:redhat:enterprise_linux:lapack-debuginfo, p-cpe:/a:redhat:enterprise_linux:lapack-devel, p-cpe:/a:redhat:enterprise_linux:lcms-debuginfo, p-cpe:/a:redhat:enterprise_linux:lcms-devel, p-cpe:/a:redhat:enterprise_linux:libc-client, p-cpe:/a:redhat:enterprise_linux:libc-client-debuginfo, p-cpe:/a:redhat:enterprise_linux:libc-client-devel, p-cpe:/a:redhat:enterprise_linux:libcgroup-debuginfo, p-cpe:/a:redhat:enterprise_linux:libcgroup-pam, p-cpe:/a:redhat:enterprise_linux:libdap, p-cpe:/a:redhat:enterprise_linux:libdap-debuginfo, p-cpe:/a:redhat:enterprise_linux:libdap-devel, p-cpe:/a:redhat:enterprise_linux:libdap-doc, p-cpe:/a:redhat:enterprise_linux:libestr, p-cpe:/a:redhat:enterprise_linux:libestr-debuginfo, p-cpe:/a:redhat:enterprise_linux:libestr-devel, p-cpe:/a:redhat:enterprise_linux:libev, p-cpe:/a:redhat:enterprise_linux:libev-debuginfo, p-cpe:/a:redhat:enterprise_linux:libev-devel, p-cpe:/a:redhat:enterprise_linux:libffi-debuginfo, p-cpe:/a:redhat:enterprise_linux:libffi-devel, p-cpe:/a:redhat:enterprise_linux:libgeotiff, p-cpe:/a:redhat:enterprise_linux:libgeotiff-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgeotiff-devel, p-cpe:/a:redhat:enterprise_linux:libgta, p-cpe:/a:redhat:enterprise_linux:libgta-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgta-devel, p-cpe:/a:redhat:enterprise_linux:libgta-doc, p-cpe:/a:redhat:enterprise_linux:libicu-devel, p-cpe:/a:redhat:enterprise_linux:libmcrypt, p-cpe:/a:redhat:enterprise_linux:libmcrypt-debuginfo, p-cpe:/a:redhat:enterprise_linux:libmcrypt-devel, p-cpe:/a:redhat:enterprise_linux:libmongodb, p-cpe:/a:redhat:enterprise_linux:libreadline-java, p-cpe:/a:redhat:enterprise_linux:libreadline-java-debuginfo, p-cpe:/a:redhat:enterprise_linux:libreadline-java-javadoc, p-cpe:/a:redhat:enterprise_linux:libspatialite, p-cpe:/a:redhat:enterprise_linux:libspatialite-debuginfo, p-cpe:/a:redhat:enterprise_linux:libspatialite-devel, p-cpe:/a:redhat:enterprise_linux:libwebp, p-cpe:/a:redhat:enterprise_linux:libwebp-debuginfo, p-cpe:/a:redhat:enterprise_linux:libwebp-devel, p-cpe:/a:redhat:enterprise_linux:libwebp-java, p-cpe:/a:redhat:enterprise_linux:libwebp-tools, p-cpe:/a:redhat:enterprise_linux:maven3, p-cpe:/a:redhat:enterprise_linux:mod_passenger, p-cpe:/a:redhat:enterprise_linux:mongodb, p-cpe:/a:redhat:enterprise_linux:mongodb-debuginfo, p-cpe:/a:redhat:enterprise_linux:mongodb-server, p-cpe:/a:redhat:enterprise_linux:netcdf, p-cpe:/a:redhat:enterprise_linux:netcdf-debuginfo, p-cpe:/a:redhat:enterprise_linux:netcdf-devel, p-cpe:/a:redhat:enterprise_linux:netcdf-static, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bignumber.js, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bson, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bson-debuginfo, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-buffer-crc32, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-bytes, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-colors, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-commander, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-connect, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-cookie, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-cookie-signature, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-debug, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-express, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-formidable, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-fresh, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-generic-pool, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-keypress, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-methods, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-mongodb, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-mysql, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-node-static, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-optimist, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-options, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-pause, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-pg, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-pg-debuginfo, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-range-parser, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-require-all, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-send, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-supervisor, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-tinycolor, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-wordwrap, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-ws, p-cpe:/a:redhat:enterprise_linux:nodejs010-nodejs-ws-debuginfo, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-release, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-upgrade-broker, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-upgrade-node, p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-yum-validator, p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker, p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker-util, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-cron, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-jbosseap, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-jbossews, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-nodejs, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-perl, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-php, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-python, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-optional-ruby, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-jbosseap, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-jbossews, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-nodejs, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-perl, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-php, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-python, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-dependencies-recommended-ruby, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-diy, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-haproxy, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jbosseap, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jbossews, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-jenkins-client, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mock, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mock-plugin, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-mysql, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-nodejs, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-perl, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-php, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-postgresql, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-python, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-ruby, p-cpe:/a:redhat:enterprise_linux:openshift-origin-console, p-cpe:/a:redhat:enterprise_linux:openshift-origin-logshifter, p-cpe:/a:redhat:enterprise_linux:openshift-origin-msg-common, p-cpe:/a:redhat:enterprise_linux:openshift-origin-msg-node-mcollective, p-cpe:/a:redhat:enterprise_linux:openshift-origin-node-proxy, p-cpe:/a:redhat:enterprise_linux:openshift-origin-node-util, p-cpe:/a:redhat:enterprise_linux:openshift-origin-port-proxy, p-cpe:/a:redhat:enterprise_linux:openshift-origin-util-scl, p-cpe:/a:redhat:enterprise_linux:pam_openshift, p-cpe:/a:redhat:enterprise_linux:pam_openshift-debuginfo, p-cpe:/a:redhat:enterprise_linux:perl-app-cpanminus, p-cpe:/a:redhat:enterprise_linux:perl-class-accessor, p-cpe:/a:redhat:enterprise_linux:perl-class-dbi, p-cpe:/a:redhat:enterprise_linux:perl-class-dbi-pg, p-cpe:/a:redhat:enterprise_linux:perl-class-data-inheritable, p-cpe:/a:redhat:enterprise_linux:perl-class-factory-util, p-cpe:/a:redhat:enterprise_linux:perl-class-trigger, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis-docs, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis-utils, p-cpe:/a:redhat:enterprise_linux:proj, p-cpe:/a:redhat:enterprise_linux:proj-debuginfo, p-cpe:/a:redhat:enterprise_linux:proj-devel, p-cpe:/a:redhat:enterprise_linux:proj-nad, p-cpe:/a:redhat:enterprise_linux:python-virtualenv, p-cpe:/a:redhat:enterprise_linux:python27-mod_wsgi, p-cpe:/a:redhat:enterprise_linux:python27-mod_wsgi-debuginfo, p-cpe:/a:redhat:enterprise_linux:python27-numpy, p-cpe:/a:redhat:enterprise_linux:python27-numpy-debuginfo, p-cpe:/a:redhat:enterprise_linux:python27-numpy-f2py, p-cpe:/a:redhat:enterprise_linux:python27-python-pip, p-cpe:/a:redhat:enterprise_linux:python27-python-pip-virtualenv, p-cpe:/a:redhat:enterprise_linux:quartz, p-cpe:/a:redhat:enterprise_linux:rhc, p-cpe:/a:redhat:enterprise_linux:rsyslog7, p-cpe:/a:redhat:enterprise_linux:rsyslog7-crypto, p-cpe:/a:redhat:enterprise_linux:rsyslog7-debuginfo, p-cpe:/a:redhat:enterprise_linux:rsyslog7-gnutls, p-cpe:/a:redhat:enterprise_linux:rsyslog7-libdbi, p-cpe:/a:redhat:enterprise_linux:rsyslog7-mmjsonparse, p-cpe:/a:redhat:enterprise_linux:rsyslog7-mmopenshift, p-cpe:/a:redhat:enterprise_linux:rsyslog7-mysql, p-cpe:/a:redhat:enterprise_linux:rsyslog7-pgsql, p-cpe:/a:redhat:enterprise_linux:rsyslog7-snmp, p-cpe:/a:redhat:enterprise_linux:ruby-rmagick, p-cpe:/a:redhat:enterprise_linux:ruby-rmagick-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby-mysql, p-cpe:/a:redhat:enterprise_linux:ruby-mysql-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby-nokogiri, p-cpe:/a:redhat:enterprise_linux:ruby-sqlite3, p-cpe:/a:redhat:enterprise_linux:ruby193-facter, p-cpe:/a:redhat:enterprise_linux:ruby193-js, p-cpe:/a:redhat:enterprise_linux:ruby193-js-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-js-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-mcollective, p-cpe:/a:redhat:enterprise_linux:ruby193-mcollective-client, p-cpe:/a:redhat:enterprise_linux:ruby193-mcollective-common, p-cpe:/a:redhat:enterprise_linux:ruby193-mod_passenger, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-mysql, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-mysql-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-selinux, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-selinux-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-wrapper, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bson, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bson_ext, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bson_ext-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-chunky_png, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-commander, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-compass, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-compass-rails, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-daemon_controller, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-daemons, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-dnsruby, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fastthread, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fastthread-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-file-tail, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-formtastic, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fssm, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-haml, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-highline, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-httpclient, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-jquery-rails, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json_pure, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-minitest, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-mongo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-mongoid, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-moped, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-ldap, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-ldap-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-open4, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-origin, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-parallel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-parseconfig, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-devel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-pg, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-pg-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdiscount, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdiscount-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-regin, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby2ruby, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby_parser, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-safe_yaml, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sass-twitter-bootstrap, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sexp_processor, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-spruz, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-state_machine, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-stomp, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-syslog-logger, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-systemu, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-term-ansicolor, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-xml-simple, p-cpe:/a:redhat:enterprise_linux:rubygem-parsetree, p-cpe:/a:redhat:enterprise_linux:rubygem-rubyinline, p-cpe:/a:redhat:enterprise_linux:rubygem-zentest, p-cpe:/a:redhat:enterprise_linux:rubygem-archive-tar-minitar, p-cpe:/a:redhat:enterprise_linux:rubygem-bson, p-cpe:/a:redhat:enterprise_linux:rubygem-bson_ext, p-cpe:/a:redhat:enterprise_linux:rubygem-bson_ext-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-bundler, p-cpe:/a:redhat:enterprise_linux:rubygem-commander, p-cpe:/a:redhat:enterprise_linux:rubygem-diff-lcs, p-cpe:/a:redhat:enterprise_linux:rubygem-fastthread, p-cpe:/a:redhat:enterprise_linux:rubygem-file-tail, p-cpe:/a:redhat:enterprise_linux:rubygem-highline, p-cpe:/a:redhat:enterprise_linux:rubygem-httpclient, p-cpe:/a:redhat:enterprise_linux:rubygem-json, p-cpe:/a:redhat:enterprise_linux:rubygem-json-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-net-scp, p-cpe:/a:redhat:enterprise_linux:rubygem-net-ssh, p-cpe:/a:redhat:enterprise_linux:rubygem-net-ssh-gateway, p-cpe:/a:redhat:enterprise_linux:rubygem-net-ssh-multi, p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri, p-cpe:/a:redhat:enterprise_linux:rubygem-nokogiri-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-open4, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-admin-console, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-auth-remote-user, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-common, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-console, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-container-selinux, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-controller, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-dns-nsupdate, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-apache-mod-rewrite, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-apache-vhost, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-apachedb, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-haproxy-sni-proxy, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-frontend-nodejs-websocket, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-msg-broker-mcollective, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-node, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-routing-activemq, p-cpe:/a:redhat:enterprise_linux:rubygem-parseconfig, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-devel, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:rubygem-rack, p-cpe:/a:redhat:enterprise_linux:rubygem-rake, p-cpe:/a:redhat:enterprise_linux:rubygem-regin, p-cpe:/a:redhat:enterprise_linux:rubygem-ruby2ruby, p-cpe:/a:redhat:enterprise_linux:rubygem-ruby_parser, p-cpe:/a:redhat:enterprise_linux:rubygem-sexp_processor, p-cpe:/a:redhat:enterprise_linux:rubygem-spruz, p-cpe:/a:redhat:enterprise_linux:rubygem-sqlite3, p-cpe:/a:redhat:enterprise_linux:rubygem-sqlite3-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-stomp, p-cpe:/a:redhat:enterprise_linux:rubygem-systemu, p-cpe:/a:redhat:enterprise_linux:rubygem-test-unit, p-cpe:/a:redhat:enterprise_linux:rubygem-thor, p-cpe:/a:redhat:enterprise_linux:rubygem-thread-dump, p-cpe:/a:redhat:enterprise_linux:rubygem-thread-dump-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygems, p-cpe:/a:redhat:enterprise_linux:rubygems-devel, p-cpe:/a:redhat:enterprise_linux:shapelib, p-cpe:/a:redhat:enterprise_linux:shapelib-debuginfo, p-cpe:/a:redhat:enterprise_linux:shapelib-devel, p-cpe:/a:redhat:enterprise_linux:socat, p-cpe:/a:redhat:enterprise_linux:socat-debuginfo, p-cpe:/a:redhat:enterprise_linux:ta-lib, p-cpe:/a:redhat:enterprise_linux:ta-lib-debuginfo, p-cpe:/a:redhat:enterprise_linux:ta-lib-devel, p-cpe:/a:redhat:enterprise_linux:uuid-debuginfo, p-cpe:/a:redhat:enterprise_linux:uuid-devel, p-cpe:/a:redhat:enterprise_linux:uuid-pgsql, p-cpe:/a:redhat:enterprise_linux:v8, p-cpe:/a:redhat:enterprise_linux:v8-debuginfo, p-cpe:/a:redhat:enterprise_linux:v8-devel, p-cpe:/a:redhat:enterprise_linux:xerces-c, p-cpe:/a:redhat:enterprise_linux:xerces-c-debuginfo, p-cpe:/a:redhat:enterprise_linux:xerces-c-devel, p-cpe:/a:redhat:enterprise_linux:xerces-c-doc, p-cpe:/a:redhat:enterprise_linux:yum-plugin-priorities, cpe:/o:redhat:enterprise_linux:6, p-cpe:/a:redhat:enterprise_linux:perl-clone, p-cpe:/a:redhat:enterprise_linux:perl-clone-debuginfo, p-cpe:/a:redhat:enterprise_linux:perl-dbix-contextualfetch, p-cpe:/a:redhat:enterprise_linux:perl-datetime-format-builder, p-cpe:/a:redhat:enterprise_linux:perl-datetime-format-pg, p-cpe:/a:redhat:enterprise_linux:perl-datetime-format-strptime, p-cpe:/a:redhat:enterprise_linux:perl-io-stringy, p-cpe:/a:redhat:enterprise_linux:perl-ima-dbi, p-cpe:/a:redhat:enterprise_linux:perl-json, p-cpe:/a:redhat:enterprise_linux:perl-universal-moniker, p-cpe:/a:redhat:enterprise_linux:perl-yaml, p-cpe:/a:redhat:enterprise_linux:php-bcmath, p-cpe:/a:redhat:enterprise_linux:php-debuginfo, p-cpe:/a:redhat:enterprise_linux:php-devel, p-cpe:/a:redhat:enterprise_linux:php-extras-debuginfo, p-cpe:/a:redhat:enterprise_linux:php-fpm, p-cpe:/a:redhat:enterprise_linux:php-imap, p-cpe:/a:redhat:enterprise_linux:php-intl, p-cpe:/a:redhat:enterprise_linux:php-mbstring, p-cpe:/a:redhat:enterprise_linux:php-mcrypt, p-cpe:/a:redhat:enterprise_linux:php-pear-mdb2, p-cpe:/a:redhat:enterprise_linux:php-pear-mdb2-driver-pgsql, p-cpe:/a:redhat:enterprise_linux:php-pecl-imagick, p-cpe:/a:redhat:enterprise_linux:php-pecl-imagick-debuginfo, p-cpe:/a:redhat:enterprise_linux:php-pecl-xdebug, p-cpe:/a:redhat:enterprise_linux:php-pecl-xdebug-debuginfo, p-cpe:/a:redhat:enterprise_linux:php-process, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-imagick, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-imagick-debuginfo, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-xdebug, p-cpe:/a:redhat:enterprise_linux:php54-php-pecl-xdebug-debuginfo, p-cpe:/a:redhat:enterprise_linux:postgis, p-cpe:/a:redhat:enterprise_linux:postgis-debuginfo, p-cpe:/a:redhat:enterprise_linux:postgis-docs, p-cpe:/a:redhat:enterprise_linux:postgresql-ip4r, p-cpe:/a:redhat:enterprise_linux:postgresql-ip4r-debuginfo, p-cpe:/a:redhat:enterprise_linux:postgresql92-pgrouting, p-cpe:/a:redhat:enterprise_linux:postgresql92-pgrouting-debuginfo, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis, p-cpe:/a:redhat:enterprise_linux:postgresql92-postgis-debuginfo

必要的 KB 項目: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

可輕鬆利用: No known exploits are available

修補程式發佈日期: 2014/5/13

弱點發布日期: 2020/2/12

參考資訊

CVE: CVE-2014-0234

RHSA: 2014:0487