19 matches found
Fedora 28 : 1:NetworkManager-vpnc (2018-eb5ea0abaf)
Update to 1.2.6 to fix a local authenticated privilege escalation bug CVE-2018-10900. The issue has been discovered and responsibly disclosed by Denis Andzakovic: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc Note that Tenable Network Security has extracted the preceding description bloc...
CVE-2018-10900
creationtimestamp| type| source ---|---|--- 2018-08-30 15:55:58+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/networkmanagervpncusernameprivesc.rb 2018-08-31 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45313 2018-08-31...
openSUSE Security Update : NetworkManager-vpnc (openSUSE-2018-859)
This update for NetworkManager-vpnc fixes the following issues : Security issue fixed : - CVE-2018-10900: Check configurations that contain newline characters and invalidate them to avoid security attacks bsc1101147. This update was imported from the SUSE:SLE-12-SP2:Update update project...
openSUSE: Security Advisory for Recommended (openSUSE-SU-2018:2307-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Recommended update for NetworkManager-vpnc (moderate)
This update for NetworkManager-vpnc fixes the following issues: Security issue fixed: - CVE-2018-10900: Check configurations that contain newline characters and invalidate them to avoid security attacks bsc1101147. This update was imported from the SUSE:SLE-12-SP2:Update update project...
SUSE SLED12 Security Update : Recommended update for NetworkManager-vpnc (SUSE-SU-2018:2297-1)
This update for NetworkManager-vpnc fixes the following issues: Security issue fixed : - CVE-2018-10900: Check configurations that contain newline characters and invalidate them to avoid security attacks bsc1101147. Note that Tenable Network Security has extracted the preceding description block...
SUSE-SU-2018:2297-1 Recommended update for NetworkManager-vpnc
This update for NetworkManager-vpnc fixes the following issues: Security issue fixed: - CVE-2018-10900: Check configurations that contain newline characters and invalidate them to avoid security attacks bsc1101147...
[SECURITY] [DLA 1454-1] network-manager-vpnc security update
Package : network-manager-vpnc Version : 0.9.10.0-1+deb8u1 CVE ID : CVE-2018-10900 Debian Bug : 904255 Denis Andzakovic discovered that network-manager-vpnc, a plugin to provide VPNC support for NetworkManager, is prone to a privilege escalation vulnerability. A newline character can be used to...
Fedora 27 : 1:NetworkManager-vpnc (2018-ac02463f82)
Update to 1.2.6 to fix a local authenticated privilege escalation bug CVE-2018-10900. The issue has been discovered and responsibly disclosed by Denis Andzakovic: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc Note that Tenable Network Security has extracted the preceding description bloc...
CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
CVE-2018-10900
NetworkManager VPNC plugin (networkmanager-vpnc) before version 1.2.6 is vulnerable to a local privilege-escalation flaw. A newline character in a configuration parameter can inject a Password helper directive into the VPNC configuration, causing NetworkManager to execute arbitrary commands as ro...
CVE-2018-10900
Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...
Network Manager VPNC 1.2.4 Privilege Escalation Vulnerability
Network Manager VPNC version 1.2.4 suffers from a privilege escalation vulnerability. Network Manager VPNC - Privilege Escalation CVE-2018-10900 Release URL: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc CVE: CVE-2018-10900 Author: Denis Andzakovic Source:...
Debian DSA-4253-1 : network-manager-vpnc - security update
Denis Andzakovic discovered that network-manager-vpnc, a plugin to provide VPNC support for NetworkManager, is prone to a privilege escalation vulnerability. A newline character can be used to inject a Password helper parameter into the configuration data passed to vpnc, allowing a local user wit...
[SECURITY] [DSA 4253-1] network-manager-vpnc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4253-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4253-1] network-manager-vpnc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4253-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2018 https://www.debian.org/security/faq -...
Network Manager VPNC 1.2.4 Privilege Escalation
Network Manager VPNC - Privilege Escalation CVE-2018-10900 Release URL: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc Date Released: 21/07/2018 CVE: CVE-2018-10900 Author: Denis Andzakovic Source: https://gitlab.gnome.org/GNOME/NetworkManager-vpnc Affected Software: Network Manager VPNC ...
[ASA-201807-13] networkmanager-vpnc: privilege escalation
Arch Linux Security Advisory ASA-201807-13 ========================================== Severity: High Date : 2018-07-20 CVE-ID : CVE-2018-10900 Package : networkmanager-vpnc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-739 Summary ======= The package...