11 matches found
CVE-2021-29133
Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...
openSUSE 15 Security Update : haserl (openSUSE-SU-2021:1279-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1279-1 advisory. - Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any...
openSUSE: Security Advisory for haserl (openSUSE-SU-2021:1279-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:1279-1 Security update for haserl
This update for haserl fixes the following issues: Update to version 0.9.36: Fixed: Its possible to issue a PUT request without a CONTENT-TYPE. Assume an octet-stream in that case. This is CVE-2021-29133 and boo1187671 Change the Prefix for variables to be the REQUESTMETHOD PUT/DELETE/GET/POST TH...
Security update for haserl (moderate)
openSUSE Security Update: Security update for haserl Announcement ID: openSUSE-SU-2021:1279-1 Rating: moderate References: 1187671 Cross-References: CVE-2021-29133 Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP3 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 An...
Haserl Arbitrary File Reader
This module exploits haserl prior to 0.9.36 to read arbitrary files. The most widely accepted exploitation vector is reading /etc/shadow, which will reveal root's hash for cracking. Module Options msf use post/linux/gather/haserlread msf posthaserlread show actions ...actions... msf posthaserlrea...
CVE-2021-29133
creationtimestamp| type| source ---|---|--- 2021-04-09 11:17:02+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/post/linux/gather/haserlread.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:36+00:00| seen|...
CVE-2021-29133
Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...
CVE-2021-29133
Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...
CVE-2021-29133
Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem...
CVE-2021-29133
CVE-2021-29133 affects haserl, a component of the Alpine Linux Configuration Framework. Before 0.9.36, it fails to verify context, enabling local users to read arbitrary files on the filesystem. Affected: haserl prior to 0.9.36 (Alpine Linux Configuration Framework). Known remediation: upgrade to...