MiracleLinux 4 : netcf-0.2.4-3.AXS4 (AXBA:2015-387:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXBA:2015-387:01 advisory. - The findifcfgpath function in netcf before 0.2.7 might allow attackers to cause a denial of service application crash via vectors involving augeas path...

MiracleLinux 7 : netcf-0.2.8-1.el7 (AXSA:2015-621:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-621:01 advisory. Netcf is a library used to modify the network configuration of a system. Network configurations are expressed in a platform-independent XML format, which netc...

SUSE: Security Advisory (SUSE-SU-2018:0653-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:1792-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:1249-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerability in netcf affects PowerKVM (CVE-2014-8119)

Summary PowerKVM is affected by a vulnerability in netcf. This vulnerability is now fixed. Vulnerability Details CVEID: CVE-2014-8119 DESCRIPTION: The netcfg package in Linux is vulnerable to a denial of service, caused by the improper processing of XPath expressions by the findifcfgpath function...

SUSE SLES11 Security Update : augeas (SUSE-SU-2018:0653-1)

This update for augeas fixes the following issues: Security issues fixed : - CVE-2017-7555: Fix a memory corruption bug could have lead to arbitrary code execution by passing crafted strings that would be mis-handled by parsename bsc1054171. - CVE-2014-8119: Fix improper handling of escaped strin...

CVE-2014-8119

The findifcfgpath function in netcf before 0.2.7 might allow attackers to cause a denial of service application crash via vectors involving augeas path expressions...

CVE-2014-8119

The findifcfgpath function in netcf before 0.2.7 might allow attackers to cause a denial of service application crash via vectors involving augeas path expressions...

CVE-2014-8119

CVE-2014-8119 affects the netcf library, where the function find_ifcfg_path in netcf before 0.2.7 may allow a remote attacker to trigger a denial of service (application crash) via vectors involving augeas path expressions. This vulnerability has been acknowledged in multiple advisories across ve...

CentOS 7 : netcf (CESA-2015:2248)

Updated netcf packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

netcf security, bug fix, and enhancement update

0.2.8-1 - Rebase to netcf-0.2.8 - resolve rhbz1165965 - CVE-2014-8119 - resolve rhbz1159000 - support multiple IPv4 addresses in interface config redhat driver - resolve rhbz1113983 - allow static IPv4 config simultaneous with DHCPv4 redhat driver - resolve rhbz1170941 - remove extra quotes from...

Moderate: Red Hat Security Advisory: netcf security, bug fix, and enhancement update

Updated netcf packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

SUSE SLED11 / SLES11 Security Update : augeas (SUSE-SU-2015:1792-1)

This update fixes an untrusted argument escaping problem CVE-2014-8119 : - new API - augescapename - which can be used to escape untrusted inputs before using them as part of path expressions - augmatch is changed to return properly escaped output Note that Tenable Network Security has extracted...

SUSE-SU-2015:1792-1 Security update for augeas

This update fixes an untrusted argument escaping problem CVE-2014-8119: new API - augescapename - which can be used to escape untrusted inputs before using them as part of path expressions augmatch is changed to return properly escaped output...

SUSE SLED12 / SLES12 Security Update : augeas (SUSE-SU-2015:1249-1)

This update fixes an untrusted argument escaping problem CVE-2014-8119 : - new API - augescapename - which can be used to escape untrusted inputs before using them as part of path expressions - augmatch is changed to return properly escaped output Note that Tenable Network Security has extracted...

Fedora 20 : netcf-0.2.8-1.fc20 (2015-5910)

Security fix for CVE-2014-8119, as well as adding a few other minor bugfixes and enhancements support for multiple IPv4 addresses, simultaneous static & dhcp for IPv4 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenab...

Fedora 21 : netcf-0.2.8-1.fc21 (2015-5872)

Security fix for CVE-2014-8119, as well as adding a few other minor bugfixes and enhancements support for multiple IPv4 addresses, simultaneous static & dhcp for IPv4 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenab...

Fedora 22 : netcf-0.2.8-1.fc22 (2015-5885)

Security fix for CVE-2014-8119, as well as adding a few other minor bugfixes and enhancements support for multiple IPv4 addresses, simultaneous static & dhcp for IPv4 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenab...