13 matches found
Debian dla-3643 : libpmi-pmix-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3643 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3643-1 [email protected] https://www.debian.org/lts/security/...
SUSE SLES15: libmca_common_dstore1 / libpmix2 / pmix / pmix-devel / pmix-headers / etc (SUSE-SU-2023:3859-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3859-1 advisory. - CVE-2023-41915: Fixed a potential vulnerability where a chown may follow a user-created link bsc1215190. - Install pmix-plugin-munge if...
CVE-2023-41915
OpenPMIx PMIx is vulnerable to a race condition during execution of library code with UID 0, which allows attackers to obtain ownership of arbitrary files...
CVE-2021-20197
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can tric...
Fedora 33 : mingw-binutils (2021-354441fcdd)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-354441fcdd advisory. - There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib...
CVE-2018-21269
checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink...
EulerOS Virtualization 3.0.2.2 : systemd (EulerOS-SA-2020-2221)
According to the version of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to...
CVE-2017-18188
OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run...
Hardcoded credentials
OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run...
CVE-2015-8326
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
Code injection
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
CVE-2010-1161
Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files...
Ubuntu 4.10 / 5.04 / 5.10 : heimdal vulnerability (USN-247-1)
A privilege escalation flaw has been found in the heimdal rsh remote shell server. This allowed an authenticated attacker to overwrite arbitrary files and gain ownership of them. Please note that the heimdal-servers package is not officially supported in Ubuntu it is in the 'universe' component o...