19 matches found
Fedora 28 : 1:NetworkManager-vpnc (2018-eb5ea0abaf)
Update to 1.2.6 to fix a local authenticated privilege escalation bug CVE-2018-10900. The issue has been discovered and responsibly disclosed by Denis Andzakovic: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc Note that Tenable Network Security has extracted the preceding description bloc...
CVE-2018-10900
creationtimestamp| type| source ---|---|--- 2018-08-30 15:55:58+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/networkmanagervpncusernameprivesc.rb 2018-08-31 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45313 2018-08-31...
openSUSE Security Update : NetworkManager-vpnc (openSUSE-2018-859)
This update for NetworkManager-vpnc fixes the following issues : Security issue fixed : - CVE-2018-10900: Check configurations that contain newline characters and invalidate them to avoid security attacks bsc1101147. This update was imported from the SUSE:SLE-12-SP2:Update update project...
openSUSE: Security Advisory for Recommended (openSUSE-SU-2018:2307-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Recommended update for NetworkManager-vpnc (moderate)
This update for NetworkManager-vpnc fixes the following issues: Security issue fixed: - CVE-2018-10900: Check configurations that contain newline characters and invalidate them to avoid security attacks bsc1101147. This update was imported from the SUSE:SLE-12-SP2:Update update project...
SUSE SLED12 Security Update : Recommended update for NetworkManager-vpnc (SUSE-SU-2018:2297-1)
This update for NetworkManager-vpnc fixes the following issues: Security issue fixed : - CVE-2018-10900: Check configurations that contain newline characters and invalidate them to avoid security attacks bsc1101147. Note that Tenable Network Security has extracted the preceding description block...
SUSE-SU-2018:2297-1 Recommended update for NetworkManager-vpnc
This update for NetworkManager-vpnc fixes the following issues: Security issue fixed: - CVE-2018-10900: Check configurations that contain newline characters and invalidate them to avoid security attacks bsc1101147...
[SECURITY] [DLA 1454-1] network-manager-vpnc security update
Package : network-manager-vpnc Version : 0.9.10.0-1+deb8u1 CVE ID : CVE-2018-10900 Debian Bug : 904255 Denis Andzakovic discovered that network-manager-vpnc, a plugin to provide VPNC support for NetworkManager, is prone to a privilege escalation vulnerability. A newline character can be used to...
Fedora 27 : 1:NetworkManager-vpnc (2018-ac02463f82)
Update to 1.2.6 to fix a local authenticated privilege escalation bug CVE-2018-10900. The issue has been discovered and responsibly disclosed by Denis Andzakovic: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc Note that Tenable Network Security has extracted the preceding description bloc...
CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
CVE-2018-10900
NetworkManager VPNC plugin (networkmanager-vpnc) before version 1.2.6 is vulnerable to a local privilege-escalation flaw. A newline character in a configuration parameter can inject a Password helper directive into the VPNC configuration, causing NetworkManager to execute arbitrary commands as ro...
CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
Debian DSA-4253-1 : network-manager-vpnc - security update
Denis Andzakovic discovered that network-manager-vpnc, a plugin to provide VPNC support for NetworkManager, is prone to a privilege escalation vulnerability. A newline character can be used to inject a Password helper parameter into the configuration data passed to vpnc, allowing a local user wit...
Network Manager VPNC 1.2.4 Privilege Escalation Vulnerability
Network Manager VPNC version 1.2.4 suffers from a privilege escalation vulnerability. Network Manager VPNC - Privilege Escalation CVE-2018-10900 Release URL: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc CVE: CVE-2018-10900 Author: Denis Andzakovic Source:...
[SECURITY] [DSA 4253-1] network-manager-vpnc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4253-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4253-1] network-manager-vpnc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4253-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2018 https://www.debian.org/security/faq -...
Network Manager VPNC 1.2.4 Privilege Escalation
Network Manager VPNC - Privilege Escalation CVE-2018-10900 Release URL: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc Date Released: 21/07/2018 CVE: CVE-2018-10900 Author: Denis Andzakovic Source: https://gitlab.gnome.org/GNOME/NetworkManager-vpnc Affected Software: Network Manager VPNC ...
[ASA-201807-13] networkmanager-vpnc: privilege escalation
Arch Linux Security Advisory ASA-201807-13 ========================================== Severity: High Date : 2018-07-20 CVE-ID : CVE-2018-10900 Package : networkmanager-vpnc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-739 Summary ======= The package...