194 matches found
Debian: Security Advisory (DSA-1960-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Security Advisory CESA-2009:1642 (acpid)
The remote host is missing updates to acpid announced in advisory CESA-2009:1642. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...
Mandriva Security Advisory MDVSA-2009:342 (acpid)
The remote host is missing an update to acpid announced via advisory MDVSA-2009:342. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandriva Linux Security Advisory : acpid (MDVSA-2009:343)
A vulnerability has been found and corrected in acpid : acpid 1.0.4 sets an unrestrictive umask, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file or cause a denial of service by overwriting this file, a different...
acpid weak file permission
Log file is created world readable...
[SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1960-1 [email protected] http://www.debian.org/security/ Raphael Geissert December 19, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions
------------------------------------------------------------------------ Debian Security Advisory DSA-1960-1 [email protected] http://www.debian.org/security/ Raphael Geissert December 19, 2009 http://www.debian.org/security/faq -...
DSA-1960-1 acpid - weak file permissions
Bulletin has no description...
acpid security update
CentOS Errata and Security Advisory CESA-2009:1642 An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. acpid is a daemon that dispatches ACPI...
Red Hat acpid '/var/log/acpid'日志文件权限本地特权提升漏洞
Bugraq ID: 37249 CVE ID:CVE-2009-4033 Red Hat是一款流行的linux发行版本。 Red Hat Enterprise Linux 5包含的acpid以不安全权限建立日志文件/var/log/acpid。问题是由于使用OCREAT标记调用时open没有使用第三个参数,结果导致日志文件以全局可写建立,并设置setuid / setgid位,允许特权提升。 RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux 5 server 用户可参考如下安全公告获得补丁信息:...
RedHat Security Advisory RHSA-2009:1642
The remote host is missing updates announced in advisory RHSA-2009:1642. acpid is a daemon that dispatches ACPI Advanced Configuration and Power Interface events to user-space programs. It was discovered that acpid could create its log file /var/log/acpid with random permissions on some systems. ...
RedHat Security Advisory RHSA-2009:1642
The remote host is missing updates announced in advisory RHSA-2009:1642. acpid is a daemon that dispatches ACPI Advanced Configuration and Power Interface events to user-space programs. It was discovered that acpid could create its log file /var/log/acpid with random permissions on some systems. ...
Mandriva Security Advisory MDVSA-2009:107-1 (acpid)
The remote host is missing an update to acpid announced via advisory MDVSA-2009:107-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandriva Security Advisory MDVSA-2009:107-1 (acpid)
The remote host is missing an update to acpid announced via advisory MDVSA-2009:107-1. OpenVAS Vulnerability Test $Id: mdksa20091071.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:107-1 acpid Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Open redirect
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this...
CVE-2009-4033
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this...
CVE-2009-4235
acpid 1.0.4 sets an unrestrictive umask, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file or cause a denial of service by overwriting this file, a different vulnerability than CVE-2009-4033...
Design/Logic Flaw
acpid 1.0.4 sets an unrestrictive umask, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file or cause a denial of service by overwriting this file, a different vulnerability than CVE-2009-4033...
CVE-2009-4235
acpid 1.0.4 sets an unrestrictive umask, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file or cause a denial of service by overwriting this file, a different vulnerability than CVE-2009-4033...
CVE-2009-4033
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this...