CVE-2013-0281

Published: Nov 23, 2013Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking).

Affected (2)

Products: Redhat: Enterprise Linux · Clusterlabs: Pacemaker

1 product

Enterprise Linux

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 6.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Clusterlabs Pacemaker	Version 1.1.10

Related CWEs

References (6)

http://rhn.redhat.com/errata/RHSA-2013-1635.html

Source: secalert@redhat.com

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=891922

Source: secalert@redhat.com

https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93

Source: secalert@redhat.com

ExploitPatch

http://rhn.redhat.com/errata/RHSA-2013-1635.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=891922

Source: af854a3a-2127-422b-91ae-364da2661108

https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

Timeline

No history available yet.