12 matches found
Ubuntu 16.04 ESM / 18.04 ESM : aria2 vulnerability (USN-4869-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4869-1 advisory. It was discovered that aria2 could accidentally leak authentication data. An attacker could possibly use this to gain access to sensitive information...
SUSE CVE-2019-3500
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file...
openSUSE: Security Advisory for aria2 (openSUSE-SU-2021:1125-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE 15 Security Update : aria2 (openSUSE-SU-2021:1125-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1125-1 advisory. - aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users ...
Fedora Update for aria2 FEDORA-2019-8b8c774b84
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2019:0050-1 Security update for aria2
This update for aria2 fixes the following security issue: - CVE-2019-3500: Metadata and potential password leaks via --log= boo1120488...
[SECURITY] [DLA 1636-1] aria2 security update
Package : aria2 Version : 1.18.8-1+deb8u1 CVE ID : CVE-2019-3500 Debian Bug : 918058 It was discovered that aria2 the lightweight command-line download utility can store passed user credentials in a log file when using the --log option. This might allow local users to obtain sensitive information...
openSUSE Security Update : aria2 (openSUSE-2019-50)
This update for aria2 fixes the following security issue : - CVE-2019-3500: Metadata and potential password leaks via --log= boo1120488 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE: Security Advisory for aria2 (openSUSE-SU-2019:0050-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for aria2 (moderate)
openSUSE Security Update: Security update for aria2 Announcement ID: openSUSE-SU-2019:0050-1 Rating: moderate References: 1120488 Cross-References: CVE-2019-3500 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 openSUSE Backports SLE-15 An update that fixes one vulnerability is now...
CVE-2019-3500
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file...
CVE-2019-3500
CVE-2019-3500 affects the download utility aria2 : when using --log, credentials (HTTP Basic username/password) can be written to a local log file, potentially exposing them to local users. The issue is tied to how aria2 handles logging rather than network flow, with vendor advisories and patch l...