Lucene search
K

330 matches found

OpenVAS
OpenVAS
added 2020/11/12 12:0 a.m.15 views

Sympa <= 6.2.59 Privilege Escalation Vulnerability

Sympa is prone to a privilege escalation vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...

7.8CVSS7.8AI score0.00352EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/11/10 12:0 a.m.34 views

Debian DLA-2441-1 : sympa security update

A privilege escalation was discovered in Sympa, a modern mailing list manager. It is fixed when Sympa is used in conjunction with common MTAs such as Exim or Postfix by disabling a setuid executable, although no fix is currently available for all environments such as sendmail. Additionally, an...

7.8CVSS6.5AI score0.03982EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/11/10 12:0 a.m.18 views

Debian: Security Advisory (DLA-2441-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.03982EPSS
Exploits0References4
Debian
Debian
added 2020/11/09 1:4 p.m.68 views

[SECURITY] [DLA 2441-1] sympa security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2441-1 [email protected] https://www.debian.org/lts/security/ November 09, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

7.8CVSS7.6AI score0.03982EPSS
Exploits0
OSV
OSV
added 2020/11/09 12:0 a.m.21 views

DLA-2441-1 sympa - security update

Bulletin has no description...

6.1CVSS6.3AI score0.03982EPSS
Exploits0
OSV
OSV
added 2020/10/10 6:15 p.m.2 views

DEBIAN-CVE-2020-26932

debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...

4.3CVSS6.1AI score0.00971EPSS
Exploits0References1
OSV
OSV
added 2020/10/10 6:15 p.m.17 views

CVE-2020-26932

debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...

4.3CVSS7.7AI score0.00971EPSS
Exploits0References3
NVD
NVD
added 2020/10/10 6:15 p.m.19 views

CVE-2020-26932

debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...

4.3CVSS0.00971EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/10/10 6:15 p.m.26 views

CVE-2020-26932

debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...

4.3CVSS6.6AI score0.00971EPSS
Exploits0References3
OSV
OSV
added 2020/10/10 6:15 p.m.7 views

UBUNTU-CVE-2020-26932

debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...

4.3CVSS6.9AI score0.00971EPSS
Exploits0References4
Prion
Prion
added 2020/10/10 6:15 p.m.20 views

Design/Logic Flaw

debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...

4CVSS4.8AI score0.00971EPSS
Exploits0References3Affected Software2
Debian CVE
Debian CVE
added 2020/10/10 5:57 p.m.21 views

CVE-2020-26932

debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...

4.3CVSS5.2AI score0.00971EPSS
Exploits0
Cvelist
Cvelist
added 2020/10/10 5:57 p.m.22 views

CVE-2020-26932

debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 4750 for access by the sympa group...

5.8AI score0.00971EPSS
Exploits0References3
CVE
CVE
added 2020/10/10 5:57 p.m.89 views

CVE-2020-26932

CVE-2020-26932 is a Debian Sympa issue where the postinst script for the sympa package (before 6.2.40~dfsg-7) sets the sympa_newaliases-wrapper with mode 4755 instead of the intended 4750, allowing access by the sympa group. The Debian security advisories (DSA-4818) indicate this affects Sympa be...

4.3CVSS5.6AI score0.00971EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2020/10/08 12:0 a.m.21 views

Debian: Security Advisory (DLA-2401-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.00971EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/10/08 12:0 a.m.36 views

Debian DLA-2401-1 : sympa security update

Sympa, a modern mailing list manager, allows privilege escalation through setuid wrappers. A local attacker can obtain root access. For Debian 9 stretch, this problem has been fixed in version 6.2.16dfsg-3+deb9u3. We recommend that you upgrade your sympa packages. For the detailed security status...

7.8CVSS7.3AI score0.005EPSS
Exploits1References4
Debian
Debian
added 2020/10/07 9:36 p.m.26 views

[SECURITY] [DLA 2401-1] sympa security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2401-1 [email protected] https://www.debian.org/lts/security/ October 07, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

7.8CVSS7.6AI score0.005EPSS
Exploits1
NVD
NVD
added 2020/10/07 6:15 p.m.24 views

CVE-2020-26880

Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...

7.8CVSS0.00352EPSS
Exploits0References7
OSV
OSV
added 2020/10/07 6:15 p.m.24 views

CVE-2020-26880

Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...

7.8CVSS6.8AI score
Exploits0References7
OSV
OSV
added 2020/10/07 6:15 p.m.2 views

DEBIAN-CVE-2020-26880

Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...

7.8CVSS6.7AI score0.00352EPSS
Exploits0References1
Rows per page
Query Builder