CVE-2019-1045

An elevation of privilege vulnerability exists in the way that the Windows Network File System NFS handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could...

CVE-2019-1045

An elevation of privilege vulnerability exists in the way that the Windows Network File System NFS handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could...

Windows Network File System Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the Windows Network File System NFS handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could...

Microsoft Windows CVE-2019-1045 Network File System Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1709 for...

KLA11493 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code, obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of...

KLA11874 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products ESU. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code, obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of...

Linux kernel code issue vulnerability (CNVD-2019-47006)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A code issue vulnerability exists in the implementation of NFS in the Linux kernel. The vulnerability stems from an improper design or implementation during code...

PT-2019-6227 · Samba +5 · Samba +5

Name of the Vulnerable Software and Affected Versions: Samba versions prior to 4.13.16 Description: The issue allows a malicious client to create a directory in an area of the server file system not exported under the share definition by using an SMB1 or NFS race. This can happen if SMB1 is enabl...

USN-3981-2 linux-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities

USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS. Ke Sun, Henrique Kawakami, Kekai H...

USN-3981-1 linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

Arbitrary Code Execution

Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Red Ha...

CVE-2019-11538

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1, an NFS problem could allow an authenticated attacker to access the contents of arbitrary files on the affected device...

PT-2019-12362 · Pulse · Pulse Connect Secure

Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure versions 9.0RX before 9.0R3.4 Pulse Connect Secure versions 8.3RX before 8.3R7.1 Pulse Connect Secure versions 8.2RX before 8.2R12.1 Pulse Connect Secure versions 8.1RX before 8.1R15.1 Description: An NFS problem could...

USN-3932-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that a race condition existed in the f2fs file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. CVE-2017-18249 Wen Xu discovered that the f2fs file system implementation in the Linux kernel did not properly validate metadat...

CVE-2018-5498

Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service DoS in NFS and SMB environments. Exploitation of this vulnerability will allow a remote authenticated attacker to cause a Denial of Service DoS...

CVE-2018-16884

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

CVE-2018-17159

In FreeBSD before 11.2-STABLEr340854 and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. Unprivileged remote users with access to the NFS server can cause a resource exhaustion by forcing the server to allocate an arbitrarily large memory allocation...

FreeBSD NFS Server Code Flaw Vulnerability (CNVD-2018-26666)

FreeBSD is a set of Unix-like free operating systems in the FreeBSD project run by the Core Team, and is an important branch of Unix-like operating systems developed through BSD, 386BSD, and 4.4BSD.NFS server is one of the network file system servers. A security vulnerability exists in the NFS...

FreeBSD NFS Server Code Flaw Vulnerability

FreeBSD is a set of Unix-like free operating systems in the FreeBSD project run by the Core Team, and is an important branch of Unix-like operating systems developed through BSD, 386BSD, and 4.4BSD.NFS server is one of the network file system servers. A security vulnerability exists in the NFS...

FreeBSD NFS Server Code Flaw Vulnerability (CNVD-2018-26669)

FreeBSD is a set of Unix-like free operating systems in the FreeBSD project run by the Core Team, and is an important branch of Unix-like operating systems developed through BSD, 386BSD, and 4.4BSD.NFS server is one of the network file system servers. A security vulnerability exists in the NFS...