11 matches found
Mageia: Security Advisory (MGASA-2015-0186)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Current Release of IBM® SDK for Node.js™ is affected by CVE-2015-0278
Summary Privilege escalation vulnerability in libuv, caused by the failure to invoke setgroups prior to calling setuid and setgid. Vulnerability Details CVE-ID: CVE-2015-0278 Description: libuv could allow a local attacker to gain elevated privileges on the system, caused by the failure to invoke...
Fedora Update for compat-libuv010 FEDORA-2015-2563
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-0278
libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent attackers to gain privileges via unspecified vectors...
CVE-2015-0278
CVE-2015-0278 affects libuv where setgroups is not invoked before setuid/setgid, enabling context-dependent privilege escalation. The vulnerability is present in libuv up to version prior to 0.10.34 and is also embedded in Node.js releases (e.g., IBM SDK for Node.js). Remediation per connected do...
CVE-2015-0278
libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent attackers to gain privileges via unspecified vectors...
[ MDVSA-2015:228 ] nodejs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:228 http://www.mandriva.com/en/support/security/ Package : nodejs Date : May 6, 2015 Affected: Business Server 2.0 Problem Description: Updated nodejs package fixes security vulnerability: It was found that...
Mandriva Linux Security Advisory : nodejs (MDVSA-2015:228)
Updated nodejs package fixes security vulnerability : It was found that libuv does not call setgoups before calling setuid/setgid. This may potentially allow an attacker to gain elevated privileges CVE-2015-0278. The libuv library is bundled with nodejs, and a fixed version of libuv is included...
MGASA-2015-0186 Updated nodejs packages fix security vulnerabilities
Updated nodejs package fixes security vulnerability: It was found that libuv does not call setgoups before calling setuid/setgid. This may potentially allow an attacker to gain elevated privileges CVE-2015-0278. The libuv library is bundled with nodejs, and a fixed version of libuv is included wi...
FreeBSD : libuv -- incorrect revocation order while relinquishing privileges (996bce94-d23d-11e4-9463-9cb654ea3e1c)
Nodejs releases reports : CVE-2015-0278 This may potentially allow an attacker to gain elevated privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques...
Fedora Update for v8 FEDORA-2015-2313
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...