15 matches found
Photon OS 3.0: Systemd PHSA-2019-3.0-0036
An update of the systemd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0036. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
SUSE CVE-2019-15718
In systemd 240, busopensystemwatchbindwithdescription in shared/bus-util.c as used by systemd-resolved to connect to the system D-Bus instance, calls sdbussettrusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that...
Oracle Linux 8 : systemd (ELSA-2019-3592)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3592 advisory. 239-18.0.1 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug: 25897792 - set 'RemoveIPC=no' in logind.conf as default for OL7.2...
CentOS 8 : systemd (CESA-2019:3592)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:3592 advisory. - systemd: systemd-resolved allows unprivileged users to configure DNS CVE-2019-15718 Note that Nessus has not tested for this issue but has instead relied only...
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2020-1054)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-2121)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated systemd packages fix security vulnerability
Updated systemd packages fix security vulnerability: Nadav Markus from Palo Alto Networks discovered that systemd-resolved does not enforce appropriate access controls on its D-Bus interface and allows unprivileged users to execute methods that are meant to be available only to privileged users...
RHEL 8 : systemd (RHSA-2019:3592)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3592 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...
Fedora 31 : systemd (2019-d5bd5f0aa4)
Update to latest release - Emission of Session property-changed notifications from logind is fixed this was breaking the switching of sessions to and from gnome. - Security issue: unprivileged users were allowed to change DNS servers configured in systemd-resolved. Now proper polkit authorization...
[ASA-201910-3] systemd: access restriction bypass
Arch Linux Security Advisory ASA-201910-3 ========================================= Severity: Medium Date : 2019-10-02 CVE-ID : CVE-2019-15718 Package : systemd Type : access restriction bypass Remote : No Link : https://security.archlinux.org/AVG-1035 Summary ======= The package systemd before...
USN-4120-2: systemd regression | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem. We apologize for th...
USN-4120-1: systemd vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system’s DNS resolver settings. CVEs...
Fedora 30 : systemd (2019-24e1d561e5)
Security issue: unprivileged users were allowed to change DNS servers configured in systemd-resolved CVE-2019-15718. - Various minor fixes memory issues, compat with newer kernels, log message improvements, etc.. - hwdb entries for keyboards are updated to the latest version No need to log out or...
CVE-2019-15718
CVE-2019-15718 affects systemd (notably systemd 240) where bus_open_system_watch_bind_with_description in shared/bus-util.c calls sd_bus_set_trusted, disabling access controls for incoming D-Bus messages. This allows an unprivileged user to invoke D-Bus methods that should be restricted, enabling...
CVE-2019-15718
In systemd 240, busopensystemwatchbindwithdescription in shared/bus-util.c as used by systemd-resolved to connect to the system D-Bus instance, calls sdbussettrusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that...