39 matches found
MiracleLinux 4 : libuser-0.56.13-8.AXS4 (AXSA:2015-374:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-374:01 advisory. The libuser library implements a standardized interface for manipulating and administering user and group accounts. The library uses pluggable...
Linux Distros Unpatched Vulnerability : CVE-2015-3246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local...
RHEL 5 : libuser (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libuser: TOCTOU race conditions by copying and removing directory trees CVE-2012-5630 - libuser: Security...
Debian: Security Advisory (DLA-468-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in libuser affect Power Hardware Management Console (CVE-2015-3245 CVE-2015-3246)
Summary libuser is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3245 DESCRIPTION: libuser is vulnerable to a denial of service, caused by the failure to properly filter out newline characters by the chfn function withi...
Security Bulletin: Vulnerabilities in libuser affect PowerKVM (CVE-2015-3245 and CVE-2015-3246)
Summary PowerKVM is affected by two vulnerabilities CVE-2015-3245 and CVE-2015-3246 in libuser. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2015-3245 DESCRIPTION: libuser is vulnerable to a denial of service, caused by the failure to properly filter out newline character...
Security Bulletin: libuser vulnerabilities affect IBM Storwize V7000 Unified (CVE-2015-3245 and CVE-2015-3246)
Summary Fixes for security vulnerabilities in libuser are available with IBM Storwize V7000 Unified version 1.5.2.2 Vulnerability Details CVEID: CVE-2015-3245 DESCRIPTION: libuser is vulnerable to a denial of service, caused by the failure to properly filter out newline characters by the chfn...
Security Bulletin: libuser vulnerabilities affect IBM SONAS (CVE-2015-3245 and CVE-2015-3246)
Summary Fixes for security vulnerabilities in libuser are available with IBM SONAS version 1.5.2.2 Vulnerability Details CVEID: CVE-2015-3245 DESCRIPTION: libuser is vulnerable to a denial of service, caused by the failure to properly filter out newline characters by the chfn function within the...
Security Bulletin: Vulnerabilities in Open Source libuser affect IBM Security Guardium (CVE-2015-3246, CVE-2015-3245)
Summary The vulnerabilities allow local users to perform denial-of-service and privilege-escalation attacks Vulnerability Details CVEID: CVE-2015-3246 DESCRIPTION: libuser could allow a local authenticated attacker to gain elevated privileges on the system, caused by the improper handling of the...
Security Bulletin: Vulnerabilities in libuser affect IBM Security Network Protection (CVE-2015-3245, CVE-2015-3246)
Summary The libuser library implements a standardized interface for manipulating and administering user and group accounts used by multiple programs on the system. Security vulnerabilities have been discovered in libuser used with IBM Security Network Protection. Vulnerability Details CVE ID:...
F5 Networks BIG-IP : Linux libuser vulnerability (SOL05770600)
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...
SOL05770600 - Linux libuser vulnerability CVE-2015-3246
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
Oracle: Security Advisory (ELSA-2015-1483)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for libuser (openSUSE-SU-2015:1332-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2015-572)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-3246
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...
CVE-2015-3246
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...
CVE-2015-3246
Libuser in the userhelper path is affected by two local vulnerabilities (CVE-2015-3245 and CVE-2015-3246) prior to 0.56.13-8 and 0.60 before 0.60-7. CVE-2015-3245 is an incomplete blacklist vulnerability in chfn that can overflow the GECOS field; CVE-2015-3246 directly modifies /etc/passwd, causi...
CentOS Update for libuser CESA-2015:1483 centos7
Check the version of libuser SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882230";...
Scientific Linux Security Update : libuser on SL6.x i386/x86_64 (20150723)
Two flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate the...