18 matches found
MiracleLinux 4 : libguestfs-1.20.11-2.0.1.AXS4 (AXSA:2014-288:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-288:02 advisory. Libguestfs is a library for accessing and modifying guest disk images. Amongst the things this is good for: making batch configuration changes to guests,...
SUSE CVE-2013-4419
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitra...
SUSE: Security Advisory (SUSE-SU-2013:1626-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 6 : libguestfs (CESA-2013:1536)
Updated libguestfs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...
Oracle Linux 6 : libguestfs (ELSA-2013-1536)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1536 advisory. - Fix CVE-2013-4419: insecure temporary directory handling for guestfish's network socket resolves: rhbz1019737 - Fix DoS abort due to a double free flaw when...
libguestfs, ocaml, perl, python, ruby security update
CentOS Errata and Security Advisory CESA-2013:1536 Updated libguestfs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A...
libguestfs security, bug fix, and enhancement update
1:1.20.11-2 - Fix CVE-2013-4419: insecure temporary directory handling for guestfish's network socket resolves: rhbz1019737 1:1.20.11-1 - Rebase to libguestfs 1.20.11. resolves: rhbz958183 - Remove buildnet: builds now detect network automatically. - The rhel-6.x branches containing the patches...
RedHat Update for libguestfs RHSA-2013:1536-02
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: libguestfs security, bug fix, and enhancement update
Updated libguestfs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...
Fedora 20 : libguestfs-1.24.0-1.fc20 (2013-19553)
New upstream branch 1.24. Fixes CVE-2013-4419. New upstream version 1.23.33. New upstream version 1.23.32. New upstream version 1.23.31. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
CVE-2013-4419
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitra...
CVE-2013-4419
CVE-2013-4419 affects libguestfs guestfish when using --remote/--listen: temporary socket ownership is not properly checked under /tmp/.guestfish-$UID/, allowing a local user to pre-create that directory and then write to the socket to execute commands. Affected are libguestfs versions up to and ...
SuSE 11.3 Security Update : guestfs (SAT Patch Number 8465)
A predictable socketname in the guestfish commandline tool could be used by a local attacker to gain access to guestfish sessions of other users on the same system. CVE-2013-4419 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Fedora Update for libguestfs FEDORA-2013-19452
Check for the Version of libguestfs OpenVAS Vulnerability Test Fedora Update for libguestfs FEDORA-2013-19452 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Fedora Update for libguestfs FEDORA-2013-19492
Check for the Version of libguestfs OpenVAS Vulnerability Test Fedora Update for libguestfs FEDORA-2013-19492 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Fedora Update for libguestfs FEDORA-2013-19492
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for libguestfs FEDORA-2013-19452
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 18 : libguestfs-1.20.12-1.fc18 (2013-19452)
New upstream stable branch version 1.20.12, fixing CVE-2013-4419. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...