50 matches found
SUSE-SU-2024:2468-1 Security update for traceroute
This update for traceroute fixes the following issues: - CVE-2023-46316: wrapper scripts do not properly parse command lines (bsc#1216591)...
traceroute: improper command line parsing
A vulnerability was found in traceroute. This security issue is caused by wrapper scripts that do not properly parse command lines...
Rancher 'Audit Log' leaks sensitive information
Impact: A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs. Rancher Audit Logging is an opt-in feature, only deployments that have it enabled and have AUDIT_LEVEL set to 1 or above are impacted by this issue. The leaks might be caught in the...
EulerOS Virtualization 2.9.1 : traceroute (EulerOS-SA-2024-1049)
According to the versions of the traceroute package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines. CVE-2023-46316...
Huawei EulerOS: Security Advisory for traceroute (EulerOS-SA-2023-3351)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SUSE: Security Advisory (SUSE-SU-2023:4656-1)
The remote host is missing an update for the...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Traceroute vulnerability (USN-6478-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-6478-1 advisory. It was discovered that Traceroute did not properly parse command line arguments. An attacker could possibly use this issue to...
SUSE CVE-2023-46316
In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...
CVE-2023-46316
In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...
CVE-2023-46316
CVE-2023-46316 affects buc Traceroute 2.0.12 through 2.1.2; the wrapper scripts fail to parse command lines correctly, enabling local impact (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Public advisories/errata indicate the fix is to upgrade traceroute to version 2.1.3 or later (e.g., traceroute 2.1.3 ...
Oracle Linux 5 : ecryptfs-utils (ELSA-2009-1307)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2009-1307 advisory. [75-4] - fix EOF handling (#499367) - add icon to gui desktop file [75-3] - ask for password confirmation when creating openssl key (#500850) - removed executable...
CLSA-2023-1677231280 git: Fix of 4 CVEs
CVE-2022-41903: fix out-of-bounds write caused by integer overflow - CVE-2021-40330: forbid newlines in host and path - CVE-2022-39260: reject too long command line strings - CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links...
CLSA-2023-1677095411 git: Fix of 6 CVEs
CVE-2022-41903: fix out-of-bounds write caused by integer overflow - CVE-2021-40330: forbid newlines in host and path - CVE-2022-39260: reject too long command line strings - CVE-2021-23521: implement size checks for .gitattributes - CVE-2023-22490: prevent arbitrary path exfiltration when using...
[SECURITY] Fedora 35 Update: dvdauthor-0.7.2-16.fc35
DVDAuthor is a set of tools to help you author the file and directory structure of a DVD-Video disc, including programmatic commands for implementing interactive behavior. It is driven by command lines and XML control files, though there are other programs that provide GUI-based front ends if you...
USN-4705-1: Sudo vulnerabilities | Cloud Foundry
Severity: High. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 16.04, Canonical Ubuntu 18.04. Description: It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator...
USN-4705-2: Sudo vulnerability
USN-4705-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain...
USN-4705-1: Sudo vulnerabilities
It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator account. (CVE-2021-3156) It was discovered that the Sudo sudoedit utility incorrectly handled checking directory...
An allocation of memory without limits that could result in the stack clashing with another memory region was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.
...