Detections
Analytics

MiracleLinux 4 : pacemaker-1.1.10-14.AXS4.2 (AXSA:2014-039:01)

high Nessus Plugin ID 289451

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-039:01 advisory.

 Pacemaker is an advanced, scalable High-Availability cluster resource manager for Linux-HA (Heartbeat) and/or Corosync.
 It supports n-node clusters with significant capabilities for managing resources and dependencies.
 It will run scripts at initialization, when machines go up or down, when related resources fail and can be configured to periodically check resource health.
 Available rpmbuild rebuild options: --with(out) : heartbeat cman corosync doc publican snmp esmtp pre_release Security issues fixed with this release:
 CVE-2013-0281 Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking).
 Fixed bugs:
 Upgraded to upstream version 1.1.10.
 Pacemaker no longer assumes unknown cman nodes are safely stopped.
 The core dump file now converts all exit codes into positive 'errno' values.
 Pacemaker ensures a return to a stable state after too many fencing failures, and initiates a shut-down if a node claimed to be fenced is still active.
 The crm_error tool now supports listing and printing error symbols.
 The crm_resource command allows individual resources to be re-probed, and implements the --ban option for moving resources away from nodes. The --clear option has replaced the --unmove option. Also, crm_resource now supports OCF tracing when using the --force option.
 The IPC mechanism restores the ability for members of the haclient group to connect to the cluster.
 The Policy Engine daemon allows active nodes in the current membership to be fenced without quorum.
 Policy Engine now suppresses meaningless IDs when displaying anonymous clone status, supports maintenance mode for a single node, and correctly handles the recovered resources before they are operated on.
 XML configuration files are now checked for non-printing characters and replaced with their octal equivalent when exporting XML text. Also, a more reliable buffer allocation strategy has been implemented to prevent lock-ups.
 Previously, lsb scripts managed by Pacemaker did not cancel their recurring monitor operations correctly when stopping. Consequently, monitor operations failed after resources had successfully stopped. This bug has been fixed, and recurring monitor operations are now correctly cancelled before the lsb resource is stopped.
 Enhancements:
 Added the --ban and --clear options to the crm_resource command so that clone, master, and slave resources can now be navigated within the cluster as expected. This allows crm_resource to move a resource as designed.
 Previously, the hacluster did not have a UID or GID reserved. Number 189, already reserved for hacluster, is now used for all installation.
 Previously, the default node name used by the crm_standby and crm_failcount commands did not always match the host names (uname -n) of certain cluster nodes leading to the cluster ignoring updates. Scripts now use the crm_node command instead of uname.
 Fixed the handling of return code: recovery of an expected error state is now transparent.
 Automated unfencing in Pacemaker has been added: cman's automatic unfencing does not fail any longer when combined with Pacemaker.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/4498

Plugin Details

Severity: High

ID: 289451

File Name: miracle_linux_AXSA-2014-039.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2013-0281

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:pacemaker-doc, p-cpe:/a:miracle:linux:pacemaker-cts, p-cpe:/a:miracle:linux:pacemaker-libs, p-cpe:/a:miracle:linux:pacemaker-cli, cpe:/o:miracle:linux:4, p-cpe:/a:miracle:linux:pacemaker-cluster-libs, p-cpe:/a:miracle:linux:pacemaker, p-cpe:/a:miracle:linux:pacemaker-libs-devel

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/18/2014

Vulnerability Publication Date: 2/14/2013

Reference Information

CVE: CVE-2013-0281