21 matches found
EUVD-2016-4155
Malware in sbrugna...
SUSE CVE-2020-27746
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem...
KDE Frameworks Elevation of Privilege Vulnerability
KDE Frameworks is a collection of technical libraries and software frameworks for KDE applications developed by the KDE community. kinit is one of the command line tools used to fetch and cache Kerberos tickets. A privilege-granting and access-control vulnerability exists in kinit in KDE Framewor...
CVE-2016-3100
kinit in KDE Frameworks before 5.23.0 uses weak permissions 644 for /tmp/xauth-xxx-y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file...
CVE-2016-3100
kinit in KDE Frameworks before 5.23.0 uses weak permissions 644 for /tmp/xauth-xxx-y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file...
CVE-2016-3100
kinit in KDE Frameworks before 5.23.0 uses weak permissions 644 for /tmp/xauth-xxx-y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file...
CVE-2016-3100
kinit in KDE Frameworks before 5.23.0 uses weak permissions 644 for /tmp/xauth-xxx-y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file...
CVE-2016-3100
KDE Frameworks components suffer from a local-privilege issue in kinit prior to v5.23.0: the directory /tmp/xauth-xxx-_y is created with weak permissions (644), enabling local users to read X11 cookies of other users and potentially capture keystrokes or escalate privileges. Remediation: upgrade ...
Oracle Linux 5 : openssh (ELSA-2008-0855)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0855 advisory. 4.3p2-26.el52.1 - CVE-2007-4752 - Prevent ssh1 from using a trusted X11 cookie if creation of an untrusted cookie fails 280361 Tenable has extracted th...
CentOS 4 / 5 : openssh (CESA-2008:0855)
Updated openssh packages are now available for Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5, and Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHe...
Ubuntu: Security Advisory (USN-566-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for openssh RHSA-2008:0855-01
Check for the Version of openssh OpenVAS Vulnerability Test RedHat Update for openssh RHSA-2008:0855-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for openssh RHSA-2008:0855-01
Check for the Version of openssh OpenVAS Vulnerability Test RedHat Update for openssh RHSA-2008:0855-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RHEL 4 / 5 : openssh (RHSA-2008:0855)
Updated openssh packages are now available for Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5, and Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHe...
openssh security update
CentOS Errata and Security Advisory CESA-2008:0855 Updated openssh packages are now available for Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5, and Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security...
Critical: Red Hat Security Advisory: openssh security update
Updated openssh packages are now available for Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5, and Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHe...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : openssh vulnerability (USN-566-1)
Jan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed. This could lead to unintended privileges being forwarded to a remote host. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...
USN-566-1: OpenSSH vulnerability
Jan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed. This could lead to unintended privileges being forwarded to a remote host...
Fedora Core 6 : openssh-4.3p2-25.fc6 (2007-715)
Tue Oct 2 2007 Tomas Mraz - 4.3p2-25 - do not fall back on trusted X11 cookies CVE-2007-4752 280471 - Fri Jul 13 2007 Tomas Mraz - 4.3p2-24 - fixed audit log injection problem CVE-2007-3102 248059 - Thu Jun 21 2007 Tomas Mraz - 4.3p2-23 - document where the nss certificate and token dbs are...
OpenSSH privilege escalation
Invalid usage of X11 cookies...