Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2014-3209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by...

2.1CVSS8.1AI score0.00376EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.14 views

RHEL 7 : ldns (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ldns: Memory corruption in ldnsrrnewfrmfpl CVE-2017-1000231 - The ldns-keygen tool in ldns 1.6.x uses the...

9.8CVSS7.2AI score0.02653EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.19 views

RHEL 6 : ldns (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ldns: Memory corruption in ldnsrrnewfrmfpl CVE-2017-1000231 - The ldns-keygen tool in ldns 1.6.x uses the...

9.8CVSS9.6AI score0.02653EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/11/23 12:0 a.m.21 views

Ubuntu: Security Advisory (USN-3491-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.02653EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2017/11/22 6:15 p.m.41 views

USN-3491-1: ldns vulnerabilities

Leon Weber discovered that the ldns-keygen tool incorrectly set permissions on private keys. A local attacker could possibly use this issue to obtain generated private keys. This issue only applied to Ubuntu 14.04 LTS. CVE-2014-3209 Stephan Zeisberg discovered that ldns incorrectly handled memory...

9.8CVSS8.3AI score0.02653EPSS
Exploits1
OSV
OSV
added 2014/11/16 1:59 a.m.6 views

CVE-2014-3209

The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file...

5.8AI score
Exploits0References5
CVE
CVE
added 2014/11/16 1:0 a.m.56 views

CVE-2014-3209

CVE-2014-3209 affects ldns 1.6.x, specifically the ldns-keygen tool. The root cause is that ldns-keygen uses the current umask to set the privileges of the generated private key, which could allow a local attacker to read the private key file and obtain sensitive material. This is a local, unauth...

2.1CVSS8.6AI score0.00376EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/05/13 12:0 a.m.23 views

Mandriva Linux Security Advisory : ldns (MDVSA-2014:085)

Updated ldns packages fix security vulnerability : ldns-keygen creates a private key with the default permissions according to the users umask, which in most cases will cause the private key to be world-readable CVE-2014-3209. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

2.1CVSS8.2AI score0.00376EPSS
Exploits0References2
OSV
OSV
added 2014/05/10 7:38 p.m.4 views

MGASA-2014-0212 Updated ldns package fixes CVE-2014-3209

Updated ldns packages fix security vulnerability: ldns-keygen creates a private key with the default permissions according to the users umask, which in most cases will cause the private key to be world-readable CVE-2014-3209...

2.1CVSS6.2AI score0.00376EPSS
Exploits0References3
Mageia
Mageia
added 2014/05/10 7:38 p.m.38 views

Updated ldns package fixes CVE-2014-3209

Updated ldns packages fix security vulnerability: ldns-keygen creates a private key with the default permissions according to the users umask, which in most cases will cause the private key to be world-readable CVE-2014-3209...

2.1CVSS9AI score0.00376EPSS
Exploits0References2
Rows per page
Query Builder