20 matches found
Mageia: Security Advisory (MGASA-2019-0080)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0438-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for gvfs (EulerOS-SA-2019-2156)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : gvfs Vulnerability (NS-SA-2019-0238)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has gvfs packages installed that are affected by a vulnerability: - An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users...
NewStart CGSL CORE 5.04 / MAIN 5.04 : gvfs Vulnerability (NS-SA-2019-0224)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gvfs packages installed that are affected by a vulnerability: - An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users...
EulerOS 2.0 SP5 : gvfs (EulerOS-SA-2019-2156)
According to the version of the gvfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileg...
CentOS 7 : gvfs (CESA-2019:2145)
An update for gvfs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Scientific Linux Security Update : gvfs on SL7.x x86_64 (20190806)
Security Fixes : - gvfs: Incorrect authorization in admin backend allows privileged users to read and modify arbitrary files without prompting for password CVE-2019-3827 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include"compat.inc"; if description scriptid128221...
gvfs security and bug fix update
1.36.2-3 - Force NT1 protocol version for workgroup support 1619719 1.36.2-2 - Prevent spawning new daemons if outgoing operation exists 1632960 - CVE-2019-3827: Prevent access if any authentication agent isnt available 1673887...
Oracle Linux 8 : gvfs (ELSA-2019-1517)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-1517 advisory. - CVE-2019-3827: Prevent access if any authentication agent isn't available 1690470 Tenable has extracted the preceding description block directly from the Orac...
gvfs security update
1.36.2-2.1 - CVE-2019-3827: Prevent access if any authentication agent isn't available 1690470 1.36.2-2 - rebuild...
CVE-2019-3827
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running unde...
DEBIAN-CVE-2019-3827
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running unde...
CVE-2019-3827
CVE-2019-3827 affects gvfs prior to 1.39.4. A flawed permission check in the admin backend allows reading and modifying arbitrary files by privileged users when no authentication agent is running, enabling local privilege escalation under certain system configurations. Multiple connected advisori...
OPENSUSE-SU-2019:0261-1 Security update for gvfs
This update for gvfs fixes the following issues: Security vulnerability fixed: - CVE-2019-3827: Fixed an issue whereby an unprivileged user was not prompted to give a password when acessing root owned files. bsc1125084 This update was imported from the SUSE:SLE-15:Update update project...
openSUSE Security Update : gvfs (openSUSE-2019-261)
This update for gvfs fixes the following issues : Security vulnerability fixed : - CVE-2019-3827: Fixed an issue whereby an unprivileged user was not prompted to give a password when acessing root owned files. bsc1125084 This update was imported from the SUSE:SLE-15:Update update project...
openSUSE: Security Advisory for gvfs (openSUSE-SU-2019:0261-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for gvfs (important)
openSUSE Security Update: Security update for gvfs Announcement ID: openSUSE-SU-2019:0261-1 Rating: important References: 1125084 Cross-References: CVE-2019-3827 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for gvfs fixes...
Updated gvfs packages fix security vulnerability
The backend currently allows to access and modify files without prompting for password if any polkit authentication agent isn't available. This affects only users which belong to wheel group i.e. those who are already allowed to use sudo. It doesn't allow privilege escalation for users, who don't...
CVE-2019-3827
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running unde...