Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 7 : keepalived-1.3.5-16.el7 (AXSA:2019-4318:03)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-4318:03 advisory. keepalived: Improper pathname validation allows for overwrite of arbitrary filenames via symlinks CVE-2018-19044 Tenable has extracted the preceding...

4.7CVSS6.6AI score0.00501EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-19044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users...

4.7CVSS5.8AI score0.00501EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.27 views

Oracle Linux 7 : keepalived (ELSA-2019-2285)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-2285 advisory. 1.3.5-16 - Rework previous miscscript/vrrpscript patch 1667292 1.3.5-15 - Rework previous checker comparison patch 1715308 1.3.5-14 - Make checker variables non...

4.7CVSS5.7AI score0.00501EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2018-0494)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.03746EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2020/09/28 12:0 a.m.32 views

EulerOS 2.0 SP3 : keepalived (EulerOS-SA-2020-2123)

According to the version of the keepalived package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This...

4.7CVSS6AI score0.00501EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/05/01 12:0 a.m.68 views

EulerOS Virtualization for ARM 64 3.0.2.0 : keepalived (EulerOS-SA-2020-1561)

According to the version of the keepalived package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintDa...

4.7CVSS5.9AI score0.00501EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for keepalived (EulerOS-SA-2019-2692)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS5.2AI score0.00501EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.99 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : keepalived Vulnerability (NS-SA-2019-0240)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has keepalived packages installed that are affected by a vulnerability: - keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed loca...

4.7CVSS5.9AI score0.00501EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/12/23 12:0 a.m.66 views

EulerOS 2.0 SP5 : keepalived (EulerOS-SA-2019-2692)

According to the version of the keepalived package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This...

4.7CVSS6AI score0.00501EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/12/02 12:0 a.m.28 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : keepalived Vulnerability (NS-SA-2019-0219)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has keepalived packages installed that are affected by a vulnerability: - keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed loca...

4.7CVSS5.9AI score0.00501EPSS
Exploits1References2
Amazon
Amazon
added 2019/10/21 12:0 a.m.40 views

Medium: keepalived

Issue Overview: keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data...

4.7CVSS5.4AI score0.00501EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.32 views

Scientific Linux Security Update : keepalived on SL7.x x86_64 (20190806)

Security Fixes : - keepalived: Improper pathname validation allows for overwrite of arbitrary filenames via symlinks CVE-2018-19044 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid128225; scriptversion"1.6";...

4.7CVSS5.8AI score0.00501EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.38 views

openSUSE Security Update : keepalived (openSUSE-2019-1008)

This update for keepalived to version 2.0.10 fixes the following issues : Security issues fixed bsc1015141 : - CVE-2018-19044: Fixed a check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats - CVE-2018-19045: Fixed mode when creating new...

7.5CVSS5.9AI score0.02377EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2019/03/18 12:0 a.m.31 views

Photon OS 1.0: Keepalived PHSA-2019-1.0-0212

An update of the keepalived package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0212. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

4.7CVSS5.4AI score0.00501EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.26 views

Fedora 29 : keepalived (2018-3fbc181b3e)

Security fix for CVE-2018-19044, CVE-2018-19045, CVE-2018-19046, CVE-2018-19115 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

9.8CVSS6.3AI score0.03746EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2018/12/24 12:0 a.m.60 views

openSUSE Security Update : keepalived (openSUSE-2018-1575)

This update for keepalived to version 2.0.10 fixes the following issues : Security issues fixed bsc1015141 : - CVE-2018-19044: Fixed a check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats - CVE-2018-19045: Fixed mode when creating new...

7.5CVSS5.9AI score0.02377EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2018/12/22 12:0 a.m.27 views

openSUSE: Security Advisory for keepalived (openSUSE-SU-2018:4212-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS5.5AI score0.02377EPSS
Exploits2References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/12/21 12:8 p.m.102 views

Security update for keepalived (moderate)

This update for keepalived to version 2.0.10 fixes the following issues: Security issues fixed bsc1015141: - CVE-2018-19044: Fixed a check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats - CVE-2018-19045: Fixed mode when creating new...

0.1AI score0.02377EPSS
Exploits2References3
OSV
OSV
added 2018/11/08 8:29 p.m.27 views

CVE-2018-19044

keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or...

4.7CVSS6.5AI score
Exploits0References5
CVE
CVE
added 2018/11/08 8:0 p.m.146 views

CVE-2018-19044

CVE-2018-19044 applies to keepalived 2.0.8, where improper pathname validation allows local users to overwrite arbitrary files via symlinks when writing to a temporary file (examples: /tmp/keepalived.data or /tmp/keepalived.stats symlinked to /etc/passwd) if fs.protected_symlinks is 0. Connected ...

4.7CVSS4.8AI score0.00501EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder