Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.23 views

openSUSE: Security Advisory for libu2f-host, pam_u2f (openSUSE-SU-2019:1708-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS6.1AI score0.02885EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2019/07/22 12:0 a.m.31 views

openSUSE Security Update : libu2f-host / pam_u2f (openSUSE-2019-1725)

This update for libu2f-host and pamu2f to version 1.0.8 fixes the following issues : Security issues fixed for libu2f-host : - CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response bsc1128140. Security issues fixed for pamu2f : - CVE-2019-12209: Fixed an issue where symlinks ...

8.1CVSS6.3AI score0.02885EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2019/07/22 12:0 a.m.39 views

openSUSE Security Update : libu2f-host / pam_u2f (openSUSE-2019-1708)

This update for libu2f-host and pamu2f to version 1.0.8 fixes the following issues : Security issues fixed for libu2f-host : - CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response bsc1128140. Security issues fixed for pamu2f : - CVE-2019-12209: Fixed an issue where symlinks ...

8.1CVSS6.3AI score0.02885EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2019/07/20 12:0 a.m.24 views

openSUSE: Security Advisory for libu2f-host, pam_u2f (openSUSE-SU-2019:1725-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS6.1AI score0.02885EPSS
Exploits2References2
OSV
OSV
added 2019/07/19 3:59 p.m.8 views

OPENSUSE-SU-2019:1725-1 Security update for libu2f-host, pam_u2f

This update for libu2f-host and pamu2f to version 1.0.8 fixes the following issues: Security issues fixed for libu2f-host: - CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response bsc1128140. Security issues fixed for pamu2f: - CVE-2019-12209: Fixed an issue where symlinks in...

8.1CVSS7.6AI score0.02885EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2019/07/05 12:0 a.m.28 views

SUSE SLED12 / SLES12 Security Update : libu2f-host (SUSE-SU-2019:1749-1)

This update for libu2f-host and pamu2f to version 1.0.8 fixes the following issues : Security issues fixed for libu2f-host : CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response bsc1128140. CVE-2018-20340: Fixed an unchecked buffer, which could allow a buffer overflow with a...

8.1CVSS6.3AI score0.02885EPSS
Exploits2References13
NVD
NVD
added 2019/06/04 9:29 p.m.15 views

CVE-2019-12209

Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile default $HOME/.config/Yubico/u2fkeys as root unless openasuser was enabled, and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM...

7.5CVSS7.7AI score0.02885EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2019/06/04 9:29 p.m.24 views

CVE-2019-12209

Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile default $HOME/.config/Yubico/u2fkeys as root unless openasuser was enabled, and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM...

7.5CVSS6.7AI score0.02885EPSS
Exploits1References3
CVE
CVE
added 2019/06/04 8:26 p.m.355 views

CVE-2019-12209

CVE-2019-12209 affects Yubico PAM-u2f, specifically the 1.0.7 release. The vulnerability arises when parsing the configured authfile (default $HOME/.config/Yubico/u2f_keys): the path is treated with root permissions and there is insufficient verification that the path contains no symlinks pointin...

7.5CVSS7.4AI score0.02885EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder