20 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-1063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an...
SUSE: Security Advisory (SUSE-SU-2018:0927-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0926-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : policycoreutils (EulerOS-SA-2021-1395)
According to the version of the policycoreutils packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged maliciou...
Updated policycoreutils packages fix a security vulnerability
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state...
EulerOS 2.0 SP3 : policycoreutils (EulerOS-SA-2020-1423)
According to the version of the policycoreutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the...
Huawei EulerOS: Security Advisory for policycoreutils (EulerOS-SA-2019-2400)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : policycoreutils (EulerOS-SA-2019-2400)
According to the version of the policycoreutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the...
NewStart CGSL CORE 5.04 / MAIN 5.04 : policycoreutils Vulnerability (NS-SA-2019-0030)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has policycoreutils packages installed that are affected by a vulnerability: - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux conte...
Low: policycoreutils
Issue Overview: Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when takin...
Scientific Linux Security Update : policycoreutils on SL7.x x86_64 (20180410)
Security Fixes : - policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead CVE-2018-1063 This issue was discovered by Renaud Mtrich Red Hat. Additional Changes : C Tenable Network Security, Inc. The descriptive text is C Scientific Linux...
CentOS 7 : policycoreutils (CESA-2018:0913)
An update for policycoreutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Oracle Linux 7 : policycoreutils (ELSA-2018-0913)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-0913 advisory. 2.5-22.0.1 - Lazy unmount private, shared entry Joe Jin orabug 12560705 2.5-22 - semanage: Fix fcontext help message 1499259 - semanage: Improve semanage-user.8...
openSUSE Security Update : policycoreutils (openSUSE-2018-362)
This update for policycoreutils fixes the following issues : - CVE-2018-1063: Fixed problem to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug bsc1083624. This update was imported from the SUSE:SLE-12-SP2:Update update project. %NASLMINLEVEL 70300 C Tenable...
SUSE SLES12 Security Update : policycoreutils (SUSE-SU-2018:0926-1)
This update for policycoreutils fixes the following issues : - CVE-2018-1063: Fixed problem to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug bsc1083624. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...
SUSE-SU-2018:0926-1 Security update for policycoreutils
This update for policycoreutils fixes the following issues: - CVE-2018-1063: Fixed problem to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug bsc1083624...
RHEL 7 : policycoreutils (RHSA-2018:0913)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0913 advisory. The policycoreutils packages contain the core policy utilities required to manage a SELinux environment. Security Fixes: policycoreutils: Relabelling...
Low: Red Hat Security Advisory: policycoreutils security, bug fix, and enhancement update
An update for policycoreutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2018-1063
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state...
CVE-2018-1063
CVE-2018-1063 affects policycoreutils 2.5-11. Relabeling of symbolic links in /tmp and /var/tmp can change the SELinux context of a target when taking SELinux state from disabled to enabled, yielding a local attacker with few restrictions. Exploitation details are not provided in these documents....