24 matches found
MiracleLinux 8 : tang-7-8.el8 (AXSA:2023-7186:03)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7186:03 advisory. tang: Race condition exists in the key generation and rotation functionality CVE-2023-1672 Tenable has extracted the preceding description block directly fro...
TencentOS Server 3: tang (TSSA-2023:0292)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0292 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: tang (TSSA-2025:0140)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0140 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0043: tang (ALINUX3-SA-2024:0043)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0043 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-1672: A race condition exists in the Tang...
Oracle Linux 8 : tang (ELSA-2023-7022)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-7022 advisory. 7-8 - Set correct user/group tang/tang in tangd-keygen Resolves: rhbz2188743 7-7 - Fix race condition when creating/rotating keys Resolves: rhbz2182410 Resolves...
Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 : Tang vulnerability (USN-6489-1)
The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6489-1 advisory. Brian McDermott discovered that Tang incorrectly handled permissions when creating/rotating keys. A local attacker could possibly...
tang security and bug fix update
7-8 - Set correct user/group tang/tang in tangd-keygen Resolves: rhbz2188743 7-7 - Fix race condition when creating/rotating keys Resolves: rhbz2182410 Resolves: CVE-2023-1672...
Oracle Linux 9 : tang (ELSA-2023-6492)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-6492 advisory. 14-2 - Fix service start up 14-1 - New upstream release - v14. Resolves: rhbz2182411 Resolves: CVE-2023-1672 Tenable has extracted the preceding description blo...
ALSA-2023:7022 Moderate: tang security and bug fix update
Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption NBDE project. Security Fixes: tang: Race condition exists in the key...
Moderate: tang security and bug fix update
Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption NBDE project. Security Fixes: tang: Race condition exists in the key...
RHEL 8 : tang (RHSA-2023:7022)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:7022 advisory. Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service...
CentOS 8 : tang (CESA-2023:7022)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:7022 advisory. - A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys...
tang security update
14-2 - Fix service start up 14-1 - New upstream release - v14. Resolves: rhbz2182411 Resolves: CVE-2023-1672...
ALSA-2023:6492 Moderate: tang security update
Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption NBDE project. Security Fixes: tang: Race condition exists in the key...
Debian dla-3648 : tang - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3648 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3648-1 [email protected] https://www.debian.org/lts/security/...
RHEL 9 : tang (RHSA-2023:6492)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6492 advisory. Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service...
CVE-2023-1672 affecting package tang for versions less than 14-1
CVE-2023-1672 affecting package tang for versions less than 14-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-1672
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host...
CVE-2023-1672
The CVE-2023-1672 entry describes a race condition in Tang server key generation/rotation that could allow Tang private keys to be read by other processes on the same host. Connected advisories/plugins confirm Tang is affected across multiple Linux distributions (e.g., MiracleLinux tang-14-2.el9,...
CVE-2023-1672 Race condition exists in the key generation and rotation functionality
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host...