24 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-3215
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid syste...
RHEL 6 : libcap-ng (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - policycoreutils: local privilege escalation via seunshare CVE-2014-3215 Note that Nessus has not tested for this...
Mageia: Security Advisory (MGASA-2014-0251)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0375-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : libcap-ng (SUSE-SU-2017:0375-1)
libcap-ng was updated to fix one security issue. This security issue was fixed : - CVE-2014-3215: seunshare in policycoreutils which uses libcap-ng is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid...
SUSE-SU-2017:0375-1 Security update for libcap-ng
libcap-ng was updated to fix one security issue. This security issue was fixed: - CVE-2014-3215: seunshare in policycoreutils which uses libcap-ng is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid...
Oracle: Security Advisory (ELSA-2015-3034)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-3032)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201412-44
Gentoo Linux Local Security Checks GLSA 201412-44 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.250.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077389 CVE-2015-3331 2.6.39-400.250.1 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807440 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...
SOL16596 - Privilege escalation vulnerability CVE-2014-3215
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3033)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3033 advisory. - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930552 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3034)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3034 advisory. - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930553 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930553 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PRGET,SETNONEWPRIVS to prevent execve from granting privs Andy...
CentOS Update for kernel CESA-2015:0864 centos6
Check the version of kernel SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882174";...
Unbreakable Enterprise kernel security update
2.6.39-400.249.4 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930552 CVE-2014-9584 - selinux: Permit bounded transitions under NONEWPRIVS or NOSUID. Stephen Smalley Orabug: 20930502 CVE-2014-3215 - Add PRGET,SETNONEWPRIVS to prevent execve from granting privs Andy Lutomirski...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20150421)
A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capnglock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid system call, among others, also sets the...
openSUSE Security Update : libcap-ng (openSUSE-SU-2014:0736-1)
Besides other enhancements, this version update contains : - fix for CVE-2014-3215 bnc876832 - use PRSETNONEWPRIVS to prevent gain of new privileges - added libcap-ng-CVE-2014-3215.patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...
Mandriva Linux Security Advisory : libcap-ng (MDVSA-2014:117)
Updated libcap-ng packages fix security vulnerability : capnglock in libcap-ng before 0.7.4 sets securebits in an attempt to prevent regaining capabilities using setuid-root programs. This allows a user to run setuid programs, such as seunshare from policycoreutils, as uid 0 but without...
MGASA-2014-0251 Updated libcap-ng packages fix CVE-2014-3215
Updated libcap-ng packages fix security vulnerability: capnglock in libcap-ng before 0.7.4 sets securebits in an attempt to prevent regaining capabilities using setuid-root programs. This allows a user to run setuid programs, such as seunshare from policycoreutils, as uid 0 but without...