622 matches found
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : snapd vulnerabilities (USN-4424-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4424-1 advisory. It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without...
USN-4424-1 snapd vulnerabilities
It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without restrictions. A physical attacker could exploit this to craft cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intende...
USN-4424-1: snapd vulnerabilities
It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without restrictions. A physical attacker could exploit this to craft cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intende...
CVE-2020-11933
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security...
Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2020-1751)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : cloud-init (EulerOS-SA-2020-1519)
According to the versions of the cloud-init package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Cloud-init is a set of init scripts for cloud instances. Cloud instances need special scripts to run during...
Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2020-1519)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2020-1373)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : cloud-init (EulerOS-SA-2020-1373)
According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because...
EulerOS Virtualization for ARM 64 3.0.6.0 : cloud-init (EulerOS-SA-2020-1356)
According to the version of the cloud-init package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predi...
Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2020-1356)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2020:0818-1 Security update for cloud-init
This update for cloud-init fixes the following security issues: - CVE-2020-8631: Replaced the theoretically predictable deterministic random number generator with the system RNG bsc1162937. - CVE-2020-8632: Increased the default random password length from 9 to 20 bsc1162936...
openSUSE: Security Advisory for cloud-init (openSUSE-SU-2020:0400-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : cloud-init (openSUSE-2020-400)
This update for cloud-init fixes the following security issues : - CVE-2020-8631: Replaced the theoretically predictable deterministic RNG with the system RNG bsc1162937. - CVE-2020-8632: Increased the default random password length from 9 to 20 bsc1162936. This update was imported from the...
Security update for cloud-init (moderate)
openSUSE Security Update: Security update for cloud-init Announcement ID: openSUSE-SU-2020:0400-1 Rating: moderate References: 1162936 1162937 1163178 Cross-References: CVE-2020-8631 CVE-2020-8632 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata i...
OPENSUSE-SU-2020:0400-1 Security update for cloud-init
This update for cloud-init fixes the following security issues: - CVE-2020-8631: Replaced the theoretically predictable deterministic RNG with the system RNG bsc1162937. - CVE-2020-8632: Increased the default random password length from 9 to 20 bsc1162936. This update was imported from the...
Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2020-1304)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : cloud-init (SUSE-SU-2020:0751-1)
This update for cloud-init fixes the following security issues : CVE-2020-8631: Replaced the theoretically predictable deterministic RNG with the system RNG bsc1162937. CVE-2020-8632: Increased the default random password length from 9 to 20 bsc1162936. Note that Tenable Network Security has...
SUSE-SU-2020:0751-1 Security update for cloud-init
This update for cloud-init fixes the following security issues: - CVE-2020-8631: Replaced the theoretically predictable deterministic RNG with the system RNG bsc1162937. - CVE-2020-8632: Increased the default random password length from 9 to 20 bsc1162936...
EulerOS 2.0 SP8 : cloud-init (EulerOS-SA-2020-1286)
According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because...