7 matches found
Gentoo Security Advisory GLSA 201408-04
Gentoo Linux Local Security Checks GLSA 201408-04 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Updated catfish package fixes CVE-2014-2096
Updated catfish package fixes security vulnerabilities: Untrusted search path vulnerability in Catfish allows local users to gain privileges via a Trojan horse bin/catfish.py in the current working directory CVE-2014-2096. Additionally, the update adds a missing requirement for the...
GLSA-201408-04 : Catfish: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201408-04 Catfish: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Catfish. Please review the CVE identifiers referenced below for details. Impact : A local attacker could gain escalated privileges via a...
Fedora 19 : catfish-0.4.0.2-4.fc19 (2014-3453)
In the previous rpm, catfish used a wrapper launching script using some bad logic for searching paths, which might lead to arbitrary code execution exploit by malicious local user. This vulnerability is now assigned as CVE-2014-2093 through CVE-2014-2096. This new rpm should fix this issue. Note...
Fedora 20 : catfish-1.0.1-1.fc20 (2014-3497)
In the previous rpm, catfish used a wrapper launching script using some bad logic for searching paths, which might lead to arbitrary code execution exploit by malicious local user. This vulnerability is now assigned as CVE-2014-2093 through CVE-2014-2096. This new rpm should fix this issue. Note...
Fedora Update for catfish FEDORA-2014-3497
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-2096
CVE-2014-2096: Untrusted search path vulnerability in Catfish (versions 0.6.0–1.0.0) allows local privilege escalation via a Trojan horse bin/catfish.py in the current working directory. Several advisories confirm the issue and provide fixes/recommend upgrading: Mageia MGASA-2014-0342 and Gentoo ...