9 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-8903
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role roles/compute.osLogi...
CVE-2020-8903
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...
SUSE: Security Advisory (SUSE-SU-2020:1934-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : google-compute-engine (openSUSE-2020-996)
This update for google-compute-engine fixes the following issues : - Don't enable and start google-network-daemon.service when it's already installed bsc1169978 + Do not add the created user to the adm CVE-2020-8903, docker CVE-2020-8907, or lxd CVE-2020-8933 groups if they exist bsc1173258 This...
openSUSE: Security Advisory for google-compute-engine (openSUSE-SU-2020:1014-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : google-compute-engine (openSUSE-2020-1014)
This update for google-compute-engine fixes the following issues : - Don't enable and start google-network-daemon.service when it's already installed bsc1169978 + Do not add the created user to the adm CVE-2020-8903, docker CVE-2020-8907, or lxd CVE-2020-8933 groups if they exist bsc1173258 C...
openSUSE: Security Advisory for google-compute-engine (openSUSE-SU-2020:0996-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0996-1 Security update for google-compute-engine
This update for google-compute-engine fixes the following issues: - Don't enable and start google-network-daemon.service when it's already installed bsc1169978 + Do not add the created user to the adm CVE-2020-8903, docker CVE-2020-8907, or lxd CVE-2020-8933 groups if they exist bsc1173258 This...
CVE-2020-8903
CVE-2020-8903 affects Google Cloud Platform's guest-oslogin in versions 20190304–20200507, enabling a user with roles/compute.osLogin to escalate to root by abusing membership in the adm group to read the DHCP XID, modify IP/hostname in /etc/hosts, redirect metadata.google.internal to an arbitrar...