MiracleLinux 4 : hivex-1.3.3-4.3.AXS4 (AXSA:2015-405:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-405:01 advisory. Hive files are the undocumented binary blobs that Windows uses to store the Windows Registry on disk. Hivex is a library that can read and write to these file...

SUSE CVE-2014-9273

lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write...

A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat from this vulnerability is to system availability.

...

Low: Red Hat Security Advisory: hivex security update

An update for hivex is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

[SECURITY] Fedora 33 Update: hivex-1.3.21-1.fc33

Hive files are the undocumented binary files that Windows uses to store the Windows Registry on disk. Hivex is a library that can read and write to these files. 'hivexsh' is a shell you can use to interactively navigate a hive binary file. 'hivexregedit' in perl-hivex lets you export and merge to...

[SECURITY] Fedora 33 Update: hivex-1.3.20-1.fc33

Hive files are the undocumented binary files that Windows uses to store the Windows Registry on disk. Hivex is a library that can read and write to these files. 'hivexsh' is a shell you can use to interactively navigate a hive binary file. 'hivexregedit' in perl-hivex lets you export and merge to...

samba: save registry file outside share as unprivileged user

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share...

Samba 4.8.0 < 4.8.10 / 4.9.x < 4.9.6 / 4.10.0 < 4.10.2 Path/Symlink Traversal Vulnerability (CVE-2019-3890)

The version of Samba running on the remote host is 4.8.x 4.8.11 or 4.9.x 4.9.6 or 4.10.0 prior to 4.10.2. It is, therefore, potentially affected by a path/symlink traversal vulnerability. An authenticated, unpriviledged attacker can exploit this issue anywhere they have unix permissions to create...

CVE-2019-3880

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions...

hivex: missing checks for small-sized files

It was found that hivex attempted to read, and possibly write, beyond its allocated buffer when reading a hive file with a very small size or with a truncated or improperly formatted content. An attacker able to supply a specially crafted hive file to an application using the hivex library could...

Moderate: Red Hat Security Advisory: hivex security, bug fix, and enhancement update

Updated hivex packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

CVE-2014-9273

lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write...

DEBIAN-CVE-2014-9273

lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write...

Out-of-bounds

lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write...

CVE-2014-9273

lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write...

[SECURITY] Fedora 21 Update: hivex-1.3.11-4.fc21

Hive files are the undocumented binary files that Windows uses to store the Windows Registry on disk. Hivex is a library that can read and write to these files. 'hivexsh' is a shell you can use to interactively navigate a hive binary file. 'hivexregedit' lets you export and merge to the textual...

[SECURITY] Fedora 20 Update: hivex-1.3.8-4.fc20

Hive files are the undocumented binary files that Windows uses to store the Windows Registry on disk. Hivex is a library that can read and write to these files. 'hivexsh' is a shell you can use to interactively navigate a hive binary file. 'hivexregedit' lets you export and merge to the textual...