11 matches found
UBUNTU-CVE-2026-43617
Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing...
PT-2023-31158 · Unknown +3 · Gnu Core Utilities +3
Name of the Vulnerable Software and Affected Versions: OpenZFS versions 2.1.13 and earlier; OpenZFS versions 2.2.x through 2.2.1. Description: The issue is related to the replacement of file contents with zero-valued bytes, potentially disabling security mechanisms in certain scenarios involving...
OESA-2023-1410 cups security update
Security Fixes: OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have...
SUSE CVE-2012-3417
The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny...
CVE-2021-3325
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). This issue occurred because a new access-control feature was introduced without considering that some existing installations became unsafe, upon an...
UBUNTU-CVE-2021-3325
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). This issue occurred because a new access-control feature was introduced without considering that some existing installations became unsafe, upon an...
security/ossec-hids-* -- root escalation via temp files
OSSEC reports: This correction will create the temp file for the hosts deny file in /var/ossec and will use mktemp where available to create NON-predictable temp file name. In cases where mktemp is not available we have written a BAD version of mktemp, but should be a little better than just...
quota: incorrect use of tcp_wrappers
The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny...
net-snmp: incorrect application of hosts access restrictions in hosts.{allow,deny}
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to...
CVE-2007-4323
DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version...
CVE-2006-6301
DenyHosts 2.5 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain...