Vulnerabilities > CVE-2014-3661 - Resource Management Errors vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to cause a denial of service (thread consumption) via vectors related to a CLI handshake.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-0070.NASL description Red Hat OpenShift Enterprise release 3.1.1 is now available with updates to packages that fix several security issues, bugs and introduce feature enhancements. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenShift Enterprise by Red Hat is the company last seen 2020-06-01 modified 2020-06-02 plugin id 119442 published 2018-12-06 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119442 title RHEL 7 : openshift (RHSA-2016:0070) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_549A277149CC11E4AE2CC80AA9043978.NASL description Jenkins Security Advisory : Please reference CVE/URL list for details last seen 2020-06-01 modified 2020-06-02 plugin id 78017 published 2014-10-02 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/78017 title FreeBSD : jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS (549a2771-49cc-11e4-ae2c-c80aa9043978) NASL family CGI abuses NASL id JENKINS_1_583.NASL description The remote web server hosts a version of Jenkins (open source) or CloudBees Jenkins Enterprise that is affected by multiple vulnerabilities : - An error exists related to file upload processing that allows a remote attacker to overwrite arbitrary files. (CVE-2013-2186) - An input validation error exists related to the included last seen 2020-06-01 modified 2020-06-02 plugin id 78859 published 2014-11-04 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/78859 title Jenkins < 1.583 / 1.565.3 and Jenkins Enterprise 1.532.x / 1.554.x / 1.565.x < 1.532.10.1 / 1.554.10.1 / 1.565.3.1 Multiple Vulnerabilities
Redhat
advisories |
| ||||
rpms |
|