95 matches found
Arbitrary Code Injection
github.com/docker/docker-ce is vulnerable to arbitrary code injection. The vulnerability exists because the nsswitch facility can dynamically load a library inside a chroot...
CVE-2019-14271
In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...
DEBIAN-CVE-2019-14271
In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...
CVE-2019-14271
In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...
CVE-2019-14271
In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...
CVE-2019-14271
CVE-2019-14271 affects Docker 19.03.x (before 19.03.1) where, when glibc is linked, code injection can occur as the nsswitch facility dynamically loads a library inside a chroot containing the container contents. This is a container-escape risk with network-attack vector observed in the descripti...
CVE-2019-14271
In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...
EulerOS 2.0 SP1 : glibc (EulerOS-SA-2016-1073)
According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack overflow vulnerability was found in nssdnsgetnetbynamer.On systems with nsswitch configured to include 'networks: dns' with a privileged or...
openSUSE Security Update : samba (openSUSE-SU-2014:0405-1)
"Samba was updated to fix security issues and bugs : Security issues fixed : - Password lockout was not enforced for SAMR password changes, this allowed brute-force attacks on passwords. CVE-2013-4496; bnc849224. - The DCE-RPC fragment length field is incorrectly checked, which could expose samba...
samba: pam_winbind fails open when non-existent group specified to require_membership_of
The winbindnamelisttosidstringlist function in nsswitch/pamwinbind.c in Samba through 4.1.2 handles invalid requiremembershipof group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by...
Fedora Update for nss-pam-ldapd FEDORA-2013-2754
Check for the Version of nss-pam-ldapd OpenVAS Vulnerability Test Fedora Update for nss-pam-ldapd FEDORA-2013-2754 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
RedHat Update for nss-pam-ldapd RHSA-2013:0590-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
sudo: insecure temporary file use in RPM %postun script
A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux RHEL 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file...
PT-2012-4713 · Red Hat +1 · Red Hat +1
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux RHEL 5 with sudo version 1.7.2 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file. This is related to a certain Red Hat script...
[slackware-security] Samba 2.0.23 repackaged
New Samba packages are available for Slackware 10.0, 10.1, 10.2, and -current. In Slackware 10.0, 10.1, and 10.2, Samba was evidently picking up the libdm.so.0 library causing a Samba package issued primarily as a security patch to suddenly require a library that would only be present on the...