Lucene search
K

37 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

MiracleLinux 4 : libuser-0.56.13-8.AXS4 (AXSA:2015-374:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-374:01 advisory. The libuser library implements a standardized interface for manipulating and administering user and group accounts. The library uses pluggable...

7.2CVSS7.2AI score0.06853EPSS
Exploits10References3
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.17 views

Debian: Security Advisory (DLA-468-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.5AI score0.06853EPSS
Exploits10References2
F5 Networks
F5 Networks
added 2023/02/21 7:58 p.m.39 views

K05770600: Linux libuser vulnerability CVE-2015-3246

Security Advisory Description libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE:...

7.2CVSS7.2AI score0.06853EPSS
Exploits10Affected Software20
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:31 a.m.29 views

Security Bulletin: Vulnerabilities in libuser affect Power Hardware Management Console (CVE-2015-3245 CVE-2015-3246)

Summary libuser is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3245 DESCRIPTION: libuser is vulnerable to a denial of service, caused by the failure to properly filter out newline characters by the chfn function withi...

7.2CVSS8.8AI score0.06853EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:29 a.m.51 views

Security Bulletin: Vulnerabilities in libuser affect PowerKVM (CVE-2015-3245 and CVE-2015-3246)

Summary PowerKVM is affected by two vulnerabilities CVE-2015-3245 and CVE-2015-3246 in libuser. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2015-3245 DESCRIPTION: libuser is vulnerable to a denial of service, caused by the failure to properly filter out newline character...

7.2CVSS1.4AI score0.06853EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:9 a.m.29 views

Security Bulletin: libuser vulnerabilities affect IBM Storwize V7000 Unified (CVE-2015-3245 and CVE-2015-3246)

Summary Fixes for security vulnerabilities in libuser are available with IBM Storwize V7000 Unified version 1.5.2.2 Vulnerability Details CVEID: CVE-2015-3245 DESCRIPTION: libuser is vulnerable to a denial of service, caused by the failure to properly filter out newline characters by the chfn...

7.2CVSS1AI score0.06853EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:9 a.m.29 views

Security Bulletin: libuser vulnerabilities affect IBM SONAS (CVE-2015-3245 and CVE-2015-3246)

Summary Fixes for security vulnerabilities in libuser are available with IBM SONAS version 1.5.2.2 Vulnerability Details CVEID: CVE-2015-3245 DESCRIPTION: libuser is vulnerable to a denial of service, caused by the failure to properly filter out newline characters by the chfn function within the...

7.2CVSS1AI score0.06853EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:30 p.m.22 views

Security Bulletin: Vulnerabilities in Open Source libuser affect IBM Security Guardium (CVE-2015-3246, CVE-2015-3245)

Summary The vulnerabilities allow local users to perform denial-of-service and privilege-escalation attacks Vulnerability Details CVEID: CVE-2015-3246 DESCRIPTION: libuser could allow a local authenticated attacker to gain elevated privileges on the system, caused by the improper handling of the...

7.2CVSS1.3AI score0.06853EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:26 p.m.24 views

Security Bulletin: Vulnerabilities in libuser affect IBM Security Network Protection (CVE-2015-3245, CVE-2015-3246)

Summary The libuser library implements a standardized interface for manipulating and administering user and group accounts used by multiple programs on the system. Security vulnerabilities have been discovered in libuser used with IBM Security Network Protection. Vulnerability Details CVE ID:...

7.2CVSS0.8AI score0.06853EPSS
Exploits10Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/05/26 12:0 a.m.34 views

F5 Networks BIG-IP : Linux libuser vulnerability (SOL05770600)

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...

7.2CVSS6.9AI score0.06853EPSS
Exploits10References3
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.26 views

Oracle: Security Advisory (ELSA-2015-1483)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS7.1AI score0.06853EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.24 views

Amazon Linux: Security Advisory (ALAS-2015-572)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS7.1AI score0.06853EPSS
Exploits10References2
OSV
OSV
added 2015/08/11 2:59 p.m.1 views

DEBIAN-CVE-2015-3246

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...

7.2CVSS6.7AI score0.06853EPSS
Exploits10References1
OSV
OSV
added 2015/08/11 2:59 p.m.9 views

CVE-2015-3245

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service /etc/passwd corruption via a newline character in the GECOS field...

7.2CVSS5.8AI score0.06853EPSS
Exploits10References9
UbuntuCve
UbuntuCve
added 2015/08/11 2:59 p.m.24 views

CVE-2015-3246

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...

7.2CVSS6.9AI score0.06853EPSS
Exploits10References1
Prion
Prion
added 2015/08/11 2:59 p.m.28 views

Code injection

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...

7.2CVSS6.5AI score0.06853EPSS
Exploits10References10Affected Software1
Debian CVE
Debian CVE
added 2015/08/11 2:0 p.m.22 views

CVE-2015-3245

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service /etc/passwd corruption via a newline character in the GECOS field...

2.1CVSS6.6AI score0.05315EPSS
Exploits9
CVE
CVE
added 2015/08/11 2:0 p.m.125 views

CVE-2015-3246

Libuser in the userhelper path is affected by two local vulnerabilities (CVE-2015-3245 and CVE-2015-3246) prior to 0.56.13-8 and 0.60 before 0.60-7. CVE-2015-3245 is an incomplete blacklist vulnerability in chfn that can overflow the GECOS field; CVE-2015-3246 directly modifies /etc/passwd, causi...

7.2CVSS8.4AI score0.06853EPSS
Exploits10References10Affected Software1
CVE
CVE
added 2015/08/11 2:0 p.m.138 views

CVE-2015-3245

CVE-2015-3245/3246 describe a local privilege escalation in libuser (and the userhelper/uusermode stack) on Red Hat-based systems. The root cause is an improper input validation: the Chfn function in libuser (before 0.56.13-8 and 0.60 before 0.60-7) and the related path in userhelper allow newlin...

2.1CVSS8.1AI score0.05315EPSS
Exploits9References9Affected Software1
Cvelist
Cvelist
added 2015/08/11 2:0 p.m.26 views

CVE-2015-3245

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service /etc/passwd corruption via a newline character in the GECOS field...

5.7AI score0.05315EPSS
Exploits9References9
Rows per page
Query Builder