Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2014:0928-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS6.7AI score0.00377EPSS
Exploits0References2
Veracode
Veracode
added 2019/05/02 5:41 a.m.21 views

Privilege Escalation

The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit PowerPC platforms. The platform diagnostics write events reported by the firmware to the service log, provide automated responses to urgent events, and notify system administrators or connected service frameworks about the...

4.4CVSS5.9AI score0.00377EPSS
Exploits0References10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:28 a.m.33 views

Security Bulletin: PowerKVM is affected by ppc64-diag and powerpc-utils vulnerabilities (Multiple CVEs)

Summary PowerKVM is affected by multiple vulnerabilities in ppc64-diag and powerpc-utils. Vulnerability Details CVEID: CVE-2014-4038 DESCRIPTION: ppc64-diag could allow a local attacker to launch a symlink attack. lpdelatest.sh creates temporary files insecurely. A local attacker could exploit th...

5CVSS0.3AI score0.01826EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2014/08/05 12:0 a.m.24 views

openSUSE: Security Advisory for ppc64-diag (openSUSE-SU-2014:0953-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS5.2AI score0.00377EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2014/08/05 12:0 a.m.25 views

openSUSE: Security Advisory for ppc64-diag (openSUSE-SU-2014:0953-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS5.2AI score0.00377EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/07/31 8:19 a.m.33 views

ppc64-diag: fix for tmp races and information disclosure (important)

ppc64-diag was updated to fix tmp race issues CVE-2014-4038 and a file disclosure problem in snapshot tarball generation CVE-2014-4039...

4.4CVSS2.1AI score0.00377EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/07/30 9:20 p.m.38 views

ppc64-diag: fix for tmp races and information disclosure (important)

ppc64-diag was updated to fix tmp race issues CVE-2014-4038 and a file disclosure problem in snapshot tarball generation CVE-2014-4039...

4.4CVSS2.1AI score0.00377EPSS
Exploits0References1
OSV
OSV
added 2014/06/17 3:55 p.m.6 views

CVE-2014-4039

ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var/log/messages and /etc/yaboot.conf...

5.6AI score
Exploits0References8
CVE
CVE
added 2014/06/17 3:0 p.m.63 views

CVE-2014-4039

The CVE-2014-4039 issue affects ppc64-diag (version 2.6.1) where 0755 permissions on /tmp/diagSEsnap and lax restrictions on /tmp/diagSEsnap/snapH.tar.gz enable a local attacker to read an archive and obtain sensitive information (e.g., contents in /var/log/messages and /etc/yaboot.conf). The vul...

2.1CVSS5.6AI score0.00377EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder