MiracleLinux 9 : nano-5.6.1-6.el9 (AXSA:2024-9155:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9155:02 advisory. nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742...

MiracleLinux 8 : nano-2.9.8-3.el8_10 (AXSA:2024-8840:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8840:01 advisory. nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742...

EUVD-2024-47130

Malicious code in bioql PyPI...

RockyLinux 9 : nano (RLSA-2024:9430)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9430 advisory. nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742...

Oracle Linux 9 : nano (ELSA-2024-9430)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9430 advisory. 5.6.1-6 - fix emergency file replacement vulnerability RHEL-35237 Tenable has extracted the preceding description block directly from the Oracle Linux security...

nano security update

5.6.1-6 - fix emergency file replacement vulnerability RHEL-35237...

nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

RHEL 9 : nano (RHSA-2024:9430)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9430 advisory. GNU nano is a small and friendly text editor. Security Fixes: nano: running chmod and chown on the filename allows malicious user to replace the...

ALSA-2024:9430 Low: nano security update

GNU nano is a small and friendly text editor. Security Fixes: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 For more details about the security issues, including the impact, a CVSS scor...

Rocky Linux 8 : nano (RLSA-2024:6986)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:6986 advisory. nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742...

nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

nano security update

2.9.8-3 - fix incomplete backport of the fix for the emergency file replacement vulnerability RHEL-35236 2.9.8-2 - fix emergency file replacement vulnerability RHEL-35236...

Oracle Linux 8 : nano (ELSA-2024-6986)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-6986 advisory. 2.9.8-3 - fix incomplete backport of the fix for the emergency file replacement vulnerability RHEL-35236 2.9.8-2 - fix emergency file replacement vulnerability...

Medium: nano

Issue Overview: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 Affected Packages: nano Issue Correction: Run dnf update nano --releasever 2023.5.20240722 or dnf update --advisory...

Medium: nano

Issue Overview: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 Affected Packages: nano Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for...

Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file

...

OESA-2024-1735 nano security update

Nano is now part of Apache CouchDB. Security Fixes: A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a windo...

Debian dla-3831 : nano - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3831 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3831-1 [email protected] https://www.debian.org/lts/security/...

Updated nano packages fix security vulnerability

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

CVE-2024-5742

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...