← back
CVE-2015-6240

CVE-2015-6240

EPSS 0.4%
The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=1243468https://github.com/ansible/ansible/commit/952166f48eb0f5797b75b160fd156bbe1e8fc647https://github.com/ansible/ansible/commit/ca2f2c4ebd7b5e097eab0a710f79c1f63badf95bhttps://lists.debian.org/debian-lts-announce/2019/09/msg00016.htmlhttp://www.openwall.com/lists/oss-security/2015/08/17/10