Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2018-1063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an...

4.4CVSS5.7AI score0.00394EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2018:0927-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS5.3AI score0.00394EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2018:0926-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS5.3AI score0.00394EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.30 views

EulerOS Virtualization for ARM 64 3.0.2.0 : policycoreutils (EulerOS-SA-2021-1395)

According to the version of the policycoreutils packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged maliciou...

4.4CVSS5.9AI score0.00394EPSS
Exploits0References2
Mageia
Mageia
added 2021/01/17 4:7 p.m.31 views

Updated policycoreutils packages fix a security vulnerability

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state...

4.4CVSS1.8AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/04/15 12:0 a.m.25 views

EulerOS 2.0 SP3 : policycoreutils (EulerOS-SA-2020-1423)

According to the version of the policycoreutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the...

4.4CVSS5.9AI score0.00394EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for policycoreutils (EulerOS-SA-2019-2400)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS4.7AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/10 12:0 a.m.19 views

EulerOS 2.0 SP2 : policycoreutils (EulerOS-SA-2019-2400)

According to the version of the policycoreutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the...

4.4CVSS5.9AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.23 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : policycoreutils Vulnerability (NS-SA-2019-0030)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has policycoreutils packages installed that are affected by a vulnerability: - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux conte...

4.4CVSS5.9AI score0.00394EPSS
Exploits0References2
Amazon
Amazon
added 2018/09/12 12:0 a.m.22 views

Low: policycoreutils

Issue Overview: Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when takin...

4.4CVSS5.4AI score0.00394EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/05/01 12:0 a.m.20 views

Scientific Linux Security Update : policycoreutils on SL7.x x86_64 (20180410)

Security Fixes : - policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead CVE-2018-1063 This issue was discovered by Renaud Mtrich Red Hat. Additional Changes : C Tenable Network Security, Inc. The descriptive text is C Scientific Linux...

4.4CVSS5.5AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/27 12:0 a.m.63 views

CentOS 7 : policycoreutils (CESA-2018:0913)

An update for policycoreutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

4.4CVSS5.7AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/18 12:0 a.m.50 views

Oracle Linux 7 : policycoreutils (ELSA-2018-0913)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-0913 advisory. 2.5-22.0.1 - Lazy unmount private, shared entry Joe Jin orabug 12560705 2.5-22 - semanage: Fix fcontext help message 1499259 - semanage: Improve semanage-user.8...

4.4CVSS5.7AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/13 12:0 a.m.28 views

openSUSE Security Update : policycoreutils (openSUSE-2018-362)

This update for policycoreutils fixes the following issues : - CVE-2018-1063: Fixed problem to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug bsc1083624. This update was imported from the SUSE:SLE-12-SP2:Update update project. %NASLMINLEVEL 70300 C Tenable...

4.4CVSS5.5AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/12 12:0 a.m.25 views

SUSE SLES12 Security Update : policycoreutils (SUSE-SU-2018:0926-1)

This update for policycoreutils fixes the following issues : - CVE-2018-1063: Fixed problem to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug bsc1083624. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...

4.4CVSS5.5AI score0.00394EPSS
Exploits0References4
OSV
OSV
added 2018/04/11 4:1 p.m.6 views

SUSE-SU-2018:0926-1 Security update for policycoreutils

This update for policycoreutils fixes the following issues: - CVE-2018-1063: Fixed problem to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug bsc1083624...

4.4CVSS4.6AI score0.00394EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/04/11 12:0 a.m.91 views

RHEL 7 : policycoreutils (RHSA-2018:0913)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0913 advisory. The policycoreutils packages contain the core policy utilities required to manage a SELinux environment. Security Fixes: policycoreutils: Relabelling...

4.4CVSS5.8AI score0.00394EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2018/04/10 10:11 a.m.61 views

Low: Red Hat Security Advisory: policycoreutils security, bug fix, and enhancement update

An update for policycoreutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

4.4CVSS6.1AI score0.00394EPSS
Exploits0References12
OSV
OSV
added 2018/03/02 3:29 p.m.5 views

CVE-2018-1063

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state...

4.4CVSS4.5AI score
Exploits0References2
CVE
CVE
added 2018/03/02 3:0 p.m.240 views

CVE-2018-1063

CVE-2018-1063 affects policycoreutils 2.5-11. Relabeling of symbolic links in /tmp and /var/tmp can change the SELinux context of a target when taking SELinux state from disabled to enabled, yielding a local attacker with few restrictions. Exploitation details are not provided in these documents....

4.4CVSS4.4AI score0.00394EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder