15 matches found
Network Manager VPNC Username Privilege Escalation
This module exploits an injection vulnerability in the Network Manager VPNC plugin to gain root privileges. This module uses a new line injection vulnerability in the configured username for a VPN network connection to inject a Password helper configuration directive into the connection...
Debian DLA-1454-1 : network-manager-vpnc security update
Denis Andzakovic discovered that network-manager-vpnc, a plugin to provide VPNC support for NetworkManager, is prone to a privilege escalation vulnerability. A newline character can be used to inject a Password helper parameter into the configuration data passed to vpnc, allowing a local user wit...
[SECURITY] [DLA 1454-1] network-manager-vpnc security update
Package : network-manager-vpnc Version : 0.9.10.0-1+deb8u1 CVE ID : CVE-2018-10900 Debian Bug : 904255 Denis Andzakovic discovered that network-manager-vpnc, a plugin to provide VPNC support for NetworkManager, is prone to a privilege escalation vulnerability. A newline character can be used to...
Debian: Security Advisory (DLA-1454-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
Privilege escalation
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
Network Manager VPNC Elevation of Privilege Vulnerability
Network Manager VPNC plugin networkmanager-vpnc is a virtual network manager that supports connection to Cisco VPN. A security vulnerability exists in the Network Manager VPNC plugin prior to version 1.2.6, which stems from a newline character that can be used to inject the password helper...
Network Manager VPNC 1.2.4 Privilege Escalation Vulnerability
Network Manager VPNC version 1.2.4 suffers from a privilege escalation vulnerability. Network Manager VPNC - Privilege Escalation CVE-2018-10900 Release URL: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc CVE: CVE-2018-10900 Author: Denis Andzakovic Source:...
Debian DSA-4253-1 : network-manager-vpnc - security update
Denis Andzakovic discovered that network-manager-vpnc, a plugin to provide VPNC support for NetworkManager, is prone to a privilege escalation vulnerability. A newline character can be used to inject a Password helper parameter into the configuration data passed to vpnc, allowing a local user wit...
[SECURITY] [DSA 4253-1] network-manager-vpnc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4253-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4253-1] network-manager-vpnc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4253-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2018 https://www.debian.org/security/faq -...
Network Manager VPNC 1.2.4 Privilege Escalation
Network Manager VPNC - Privilege Escalation CVE-2018-10900 Release URL: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc Date Released: 21/07/2018 CVE: CVE-2018-10900 Author: Denis Andzakovic Source: https://gitlab.gnome.org/GNOME/NetworkManager-vpnc Affected Software: Network Manager VPNC ...
DSA-4253-1 network-manager-vpnc - security update
Bulletin has no description...
Debian: Security Advisory (DSA-4253-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...