CLSA-2026-1779095842 memcached: Fix of CVE-2021-37519

CVE-2021-37519: heap buffer overflow in authfileload when the auth file lacks a trailing newline; missing bounds check on fgets and missing NUL check in the user-entry parse loop allow local DoS via a crafted --auth-file...

MiracleLinux 8 : booth-1.0-199.1.ac1d34c.git.el8.1 (AXSA:2022-3841:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3841:01 advisory. booth: authfile directive in booth config file is completely ignored. CVE-2022-2553 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : booth-1.0-251.3.bfb2f92.git.el9.1 (AXSA:2023-5095:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5095:03 advisory. booth: authfile directive in booth config file is completely ignored. CVE-2022-2553 Tenable has extracted the preceding description block directly from the...

EUVD-2013-6229

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-12209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile default $HOME/.config/Yubico/u2fkeys as root unless openasuser was enabled, and does not proper...

Security update for pam_u2f

This update for pamu2f fixes the following issues: update to 1.3.2: Relax authfile permission check to a warning instead of an error to prevent a breaking change locking existing users out of their systems. update to 1.3.1: CVE-2025-23013: Fixed problematic PAMIGNORE return values in...

CentOS 9 : booth-1.0-283.1.9d4029a.git.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the booth-1.0-283.1.9d4029a.git.el9 build changelog. - The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a...

SUSE CVE-2013-6410

nbd-server in Network Block Device nbd before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file...

SUSE CVE-2019-12209

Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile default $HOME/.config/Yubico/u2fkeys as root unless openasuser was enabled, and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM...

UBUNTU-CVE-2021-37519

Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file...

CVE-2021-37519

Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file...

CVE-2021-37519

Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file...

Fedora 36 : booth (2022-6744980220)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6744980220 advisory. Remove Alias directive from [email protected] unit file ---- Security fix for CVE-2022-2553 Tenable has extracted the preceding description block...

Fedora 35 : booth (2022-e0a87993b8)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-e0a87993b8 advisory. Remove Alias directive from [email protected] unit file ---- Security fix for CVE-2022-2553 Tenable has extracted the preceding description block...

AlmaLinux 8 : booth (ALSA-2022:6439)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:6439 advisory. - The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not...

booth: authfile directive in booth config file is completely ignored.

A flaw was found in booth in the way it handles the authfile directive in configuration files, which causes authentication to be skipped between nodes. As a result, an attacker-controlled node that does not have the correct authentication key does not prevent communication with other nodes in the...

Moderate: booth security update

The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network...

booth: authfile directive in booth config file is completely ignored.

A flaw was found in booth in the way it handles the authfile directive in configuration files, which causes authentication to be skipped between nodes. As a result, an attacker-controlled node that does not have the correct authentication key does not prevent communication with other nodes in the...

RHEL 8 : booth (RHSA-2022:6439)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6439 advisory. The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inpu...

booth: authfile directive in booth config file is completely ignored.

A flaw was found in booth in the way it handles the authfile directive in configuration files, which causes authentication to be skipped between nodes. As a result, an attacker-controlled node that does not have the correct authentication key does not prevent communication with other nodes in the...