39 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-6435
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to...
Debian: Security Advisory (DLA-140-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K16383: Linux RPM vulnerability CVE-2013-6435
Security Advisory Description Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d...
SUSE: Security Advisory (SUSE-SU-2014:1697-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in rpm affect IBM Flex System Manager (FSM): (CVE-2013-6435, CVE-2014-8118)
Summary Vulnerabilities have been found in the rpm package included in IBM Flex System Manager FSM. Vulnerability Details Abstract Vulnerabilities have been found in the rpm package included in IBM Flex System Manager FSM. Content Vulnerability Details: CVE-ID: CVE-2013-6435 Description: RPM...
F5 Networks BIG-IP : Linux RPM vulnerability (SOL16383)
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory C Tenable Network...
SUSE: Security Advisory for rpm (SUSE-SU-2015:0107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2014-1976)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SOL16383 - Linux RPM vulnerability CVE-2013-6435
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
DLA-140-1 rpm - security update
Bulletin has no description...
Ubuntu: Security Advisory (USN-2479-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : RPM vulnerabilities (USN-2479-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2479-1 advisory. Florian Weimer discovered that RPM incorrectly handled temporary files. A local attacker could use this issue to execute arbitrary code. CVE-2013-6435...
Debian DSA-3129-1 : rpm - security update
Two vulnerabilities have been discovered in the RPM package manager. - CVE-2013-6435 Florian Weimer discovered a race condition in package signature validation. - CVE-2014-8118 Florian Weimer discovered an integer overflow in parsing CPIO headers which might result in the execution of arbitrary...
[SECURITY] [DSA 3129-1] rpm security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3129-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 15, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3129-1 (rpm - security update)
Two vulnerabilities have been discovered in the RPM package manager. CVE-2013-6435 Florian Weimer discovered a race condition in package signature validation. CVE-2014-8118 Florian Weimer discovered an integer overflow in parsing CPIO headers which might result in the execution of arbitrary code...
Debian: Security Advisory (DSA-3129-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for rpm FEDORA-2014-16838
Check the version of rpm SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868639";...
Fedora 20 : rpm-4.11.3-2.fc20 (2014-16838)
Add check against malicious CPIO file name size - Fix race condidition where unchecked data is exposed in the file system Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
openSUSE Security Update : python3-rpm / rpm / rpm-python (openSUSE-SU-2014:1716-1)
This rpm update fixes the following security and non security issues : - honor --noglob in install mode bnc892431 - check for bad invalid name sizes bnc908128 CVE-2014-8118 - create files with mode 0 bnc906803 CVE-2013-6435 This update also includes version updates of rpm-python and python3-rpm...