CVE-2013-0281

Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking).

Published: Nov 23, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-0281
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
redhat / enterprise_linux	6.0	6.0.x
clusterlabs / pacemaker	1.1.10	1.1.10.x

http://rhn.redhat.com/errata/RHSA-2013-1635.html
https://bugzilla.redhat.com/show_bug.cgi?id=891922
https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93

Vulnerability Database

289,689

CVE-2013-0281