Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2014/08/06 12:0 a.m.17 views

Scientific Linux Security Update : yum-updatesd on SL5.x (noarch) (20140805)

It was discovered that yum-updatesd did not properly perform RPM package signature checks. When yum-updatesd was configured to automatically install updates, a remote attacker could use this flaw to install a malicious update on the target system using an unsigned RPM or an RPM signed with an...

5CVSS5.5AI score0.0241EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/08/06 12:0 a.m.20 views

CentOS Update for yum-updatesd CESA-2014:1004 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS5.2AI score0.0241EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/08/05 3:34 a.m.25 views

Important: Red Hat Security Advisory: yum-updatesd security update

An updated yum-updatesd package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

5CVSS5.9AI score0.0241EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/08/05 12:0 a.m.31 views

RHEL 5 : yum-updatesd (RHSA-2014:1004)

An updated yum-updatesd package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

5CVSS5.6AI score0.0241EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2014/08/05 12:0 a.m.17 views

RedHat Update for yum-updatesd RHSA-2014:1004-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS9.5AI score0.0241EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/03/28 12:0 a.m.31 views

Amazon Linux AMI : yum (ALAS-2014-315)

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package. C Tenable Network Security, Inc. The descriptive...

5CVSS5.5AI score0.0241EPSS
Exploits0References2
CVE
CVE
added 2014/01/26 11:0 a.m.66 views

CVE-2014-0022

The CVE-2014-0022 issue affects yum 3.4.3 and earlier where installUpdates in yum-cron/yum-cron.py does not correctly handle the return value of sigCheckPkg, allowing an unsigned package to bypass RPM package signing restrictions. This is a remote-codeish risk vector tied to RPM signature checks,...

5CVSS6.5AI score0.0241EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder