Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-10143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the...

7CVSS6.7AI score0.00345EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.30 views

Oracle Linux 8 : freeradius:3.0 (ELSA-2019-3353)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3353 advisory. - It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of t...

7CVSS6.8AI score0.00345EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.50 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : freeradius Multiple Vulnerabilities (NS-SA-2021-0037)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has freeradius packages installed that are affected by multiple vulnerabilities: - In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BNCTX instance to handle all handshakes. This mean multiple threads...

7.5CVSS6.8AI score0.02168EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.34 views

CentOS 8 : freeradius:3.0 (CESA-2019:3353)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:3353 advisory. - freeradius: privilege escalation due to insecure logrotate configuration CVE-2019-10143 Note that Nessus has not tested for this issue but has instead relied...

7CVSS6.8AI score0.00345EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.31 views

Scientific Linux Security Update : freeradius on SL7.x x86_64 (20201001)

Security Fixes : - freeradius: privilege escalation due to insecure logrotate configuration CVE-2019-10143 - freeradius: eap-pwd: Information leak due to aborting when needing more than 10 iterations CVE-2019-13456 - freeradius: eap-pwd: DoS issues due to multithreaded BNCTX access CVE-2019-17185...

7.5CVSS6.9AI score0.02168EPSS
Exploits4References4
Cent OS
Cent OS
added 2020/10/20 6:2 p.m.101 views

freeradius security update

CentOS Errata and Security Advisory CESA-2020:3984 An update for freeradius is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

7.5CVSS6.9AI score0.02168EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2020/10/20 12:0 a.m.48 views

CentOS 7 : freeradius (RHSA-2020:3984)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3984 advisory. - It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has...

7.5CVSS7AI score0.03739EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for freeradius (EulerOS-SA-2019-1747)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7AI score0.00345EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for freeradius (EulerOS-SA-2019-2065)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7AI score0.00345EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for freeradius (EulerOS-SA-2019-1674)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7AI score0.00345EPSS
Exploits3References2
0day.today
0day.today
added 2019/11/16 12:0 a.m.281 views

FreeRadius 3.0.19 Logrotate Privilege Escalation Vulnerability

Privilege Escalation via Logrotate in FreeRadius Overview Identifier: AIT-SA-20191112-01 Target: FreeRadius Vendor: FreeRadius Version: all versions including 3.0.19 Fixed in Version: 12.2.3, 12.1.8 and 12.0.8 CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-10143 Author: Wolfgang Hotwagner AIT...

7CVSS1.4AI score0.00345EPSS
Exploits3
Packet Storm
Packet Storm
added 2019/11/15 12:0 a.m.291 views

FreeRadius 3.0.19 Logrotate Privilege Escalation

Privilege Escalation via Logrotate in FreeRadius Overview Identifier: AIT-SA-20191112-01 Target: FreeRadius Vendor: FreeRadius Version: all versions including 3.0.19 Fixed in Version: 12.2.3, 12.1.8 and 12.0.8 CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-10143 Accessibility: Local Severity: Low...

6.9CVSS1.1AI score0.00345EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2019/07/02 12:0 a.m.39 views

EulerOS 2.0 SP5 : freeradius (EulerOS-SA-2019-1674)

According to the version of the freeradius package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was discovered freeradius does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to...

7CVSS6.8AI score0.00345EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2019/06/20 12:0 a.m.43 views

Fedora Update for freeradius FEDORA-2019-4a8eeaf80e

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7CVSS7AI score0.00345EPSS
Exploits3References2
Circl
Circl
added 2019/05/24 5:53 p.m.4 views

CVE-2019-10143

creationtimestamp| type| source ---|---|--- 2019-05-24 17:53:24+00:00| seen| https://t.me/cvemitreorg/309...

7CVSS6.8AI score0.00345EPSS
Exploits3References1
CVE
CVE
added 2019/05/24 12:0 a.m.257 views

CVE-2019-10143

CVE-2019-10143 affects FreeRADIUS 3.0.x up to and including 3.0.19, where an insecure logrotate configuration can be abused by a local attacker who already has radiusd user control to escalate to root by tricking logrotate into writing a radiusd-writable file into a restricted directory. The upst...

7CVSS7AI score0.00345EPSS
Exploits3References8Affected Software1
Rows per page
Query Builder