17 matches found
MiracleLinux 7 : autofs-5.0.7-54.el7 (AXSA:2015-744:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-744:01 advisory. autofs is a daemon which automatically mounts filesystems when you use them, and unmounts them later when you are not using them. This can include network...
Security Bulletin: Vulnerabilities in autofs affect Power Hardware Management Console (CVE-2014-8169)
Summary autofs is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2014-8169 DESCRIPTION: Red Hat autofs could allow a local attacker to gain elevated privileges on the system, caused by an error when an interpreted language is...
SUSE: Security Advisory (SUSE-SU-2015:1020-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : autofs on SL7.x x86_64 (20151119)
It was found that program-based automounter maps that used interpreted languages such as Python used standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system. CVE-2014-8169 Note: This...
Medium: autofs
Issue Overview: It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system...
CentOS 7 : autofs (CESA-2015:2417)
Updated autofs packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
Oracle Linux 7 : autofs (ELSA-2015-2417)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2015-2417 advisory. 5.0.7-54.0.1 - add autofs-5.0.5-lookup-mounts.patch Orabug:12658280 Bert Barbe 1:5.0.7-54 - bz1263508 - Heavy program map usage can lead to a hang - fix out of...
RHEL 7 : autofs (RHSA-2015:2417)
Updated autofs packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
Scientific Linux Security Update : autofs on SL6.x i386/x86_64 (20150722)
It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system. CVE-2014-8169 Note:...
CentOS 6 : autofs (CESA-2015:1344)
Updated autofs packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
autofs security update
CentOS Errata and Security Advisory CESA-2015:1344 Updated autofs packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS...
RedHat Update for autofs RHSA-2015:1344-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 : autofs (RHSA-2015:1344)
Updated autofs packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
SUSE SLED12 / SLES12 Security Update : autofs (SUSE-SU-2015:1020-1)
autofs was updated to fix one security issue. This security issue was fixed : - CVE-2014-8169: Prevent potential privilege escalation via interpreter load path for program-based automount maps bnc917977. The update package also includes non-security fixes. See advisory for details. Note that...
CVE-2014-8169
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home...
CVE-2014-8169
CVE-2014-8169 affects the autofs (automounter) component: when a program map uses interpreted languages, it can cause the interpreter to inherit the calling user’s USER and HOME environment variables, enabling local privilege escalation. The issue has been addressed across multiple distributions:...
SUSE-SU-2015:1020-1 Security update for autofs
autofs was updated to fix one security issue. This security issue was fixed: - CVE-2014-8169: Prevent potential privilege escalation via interpreter load path for program-based automount maps bnc917977. These non-security issues were fixed: - Dont pass sloppy option for other than nfs mounts...