13 matches found
Debian: Security Advisory (DLA-442-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0102)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0643-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-442-1 : lxc security update
Brief introduction CVE-2013-6441 The template script lxc-sshd used to mount itself as /sbin/init in the container using a writable bind-mount. This update resolved the above issue by using a read-only bind-mount instead preventing any form of potentially accidental damage. CVE-2015-1335 On...
[SECURITY] [DLA 442-1] lxc security update
Package : lxc Version : 0.7.2-1+deb6u1 CVE ID : CVE-2013-6441 CVE-2015-1335 Debian Bug : 800471 Brief introduction CVE-2013-6441 The template script lxc-sshd used to mount itself as /sbin/init in the container using a writable bind-mount. This update resolved the above issue by using a read-only...
DLA-442-1 lxc - security update
Bulletin has no description...
SuSE 11.3 Security Update : lxc (SAT Patch Number 9084)
The container framework LXC has been updated to fix various bugs and a security issue : - The sshd template allowed privilege escalation on the host. CVE-2013-6441 - SLES container time not aligned with host time. bnc839653 - SLES container boot takes ages. bnc839663 - lxc mounts /dev/pts with...
[USN-2104-1] LXC vulnerability
========================================================================== Ubuntu Security Notice USN-2104-1 February 12, 2014 lxc vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
SUSE-RU-2015:0992-1 Security update for lxc
The container framework LXC has been updated to fix various bugs and a security issue: CVE-2013-6441: The sshd template allowed privilege escalation on the host. SLES container time not aligned with host time bnc839653 SLES container boot takes ages bnc839663 lxc mounts /dev/pts with wrong option...
Updated lxc packages fix security vulnerability
Florian Sagar discovered that the LXC sshd template set incorrect mount permissions. An attacker could possibly use this flaw to cause privilege escalation on the host CVE-2013-6441...
CVE-2013-6441
The lxc-sshd template templates/lxc-sshd.in in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file...
CVE-2013-6441
The lxc-sshd template templates/lxc-sshd.in in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file...
CVE-2013-6441
CVE-2013-6441 affects the LXC template lxc-sshd (templates/lxc-sshd.in) in LXC prior to 1.0.0.beta2, where /sbin/init was mounted with writable permissions. This allowed local users to modify the init file and gain privileges. The issue is rooted in a writable bind-mount of /sbin/init inside the ...