24 matches found
EUVD-2012-3387
Malware in sbrugna...
EUVD-2007-4306
Malware in sbrugna...
CVE-2023-49298
OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and thus potentially disable security mechanisms. NOTE: this issue is not always security related, but c...
UBUNTU-CVE-2023-34241
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data...
Linux: Read /etc/hosts.allow (KB)
The access control software consults two files. The search stops at the first match: - Access will be granted when a daemon,client pair matches an entry in the /etc/hosts.allow file. - Otherwise, access will be denied when a daemon,client pair matches an entry in the /etc/hosts.deny file. -...
Linux: SSH /etc/hosts.deny chown
The access control software consults two files. The search stops at the first match: - Access will be granted when a daemon, client pair matches an entry in the /etc/hosts.allow file. - Otherwise, access will be denied when a daemon, client pair matches an entry in the /etc/hosts.deny file. -...
Linux: SSH /etc/hosts.deny chmod
The access control software consults two files. The search stops at the first match: - Access will be granted when a daemon, client pair matches an entry in the /etc/hosts.allow file. - Otherwise, access will be denied when a daemon, client pair matches an entry in the /etc/hosts.deny file. -...
Linux: Read /etc/hosts.deny (KB)
The access control software consults two files. The search stops at the first match: - Access will be granted when a daemon,client pair matches an entry in the /etc/hosts.allow file. - Otherwise, access will be denied when a daemon,client pair matches an entry in the /etc/hosts.deny file. -...
Authorization Bypass
quota is vulnerable to authorization bypass. The service does not use tcpwrappers correctly and the good_client function in rquotacvs.c invokes the hosts_ctl function without a host name, which would cause certain hosts access rules defined in /etc/hosts.allow and /etc/hosts.deny to be ignored and...
[SECURITY] Fedora 20 Update: denyhosts-2.6-29.fc20.1
DenyHosts is a Python script that analyzes the sshd server log messages to determine which hosts are attempting to hack into your system. It also determines what user accounts are being targeted. It keeps track of the frequency of attempts from each host and, upon discovering a repeated attack...
[SECURITY] Fedora 19 Update: denyhosts-2.6-28.fc19.1
DenyHosts is a Python script that analyzes the sshd server log messages to determine which hosts are attempting to hack into your system. It also determines what user accounts are being targeted. It keeps track of the frequency of attempts from each host and, upon discovering a repeated attack...
OSSEC 2.8 - 'hosts.deny' Local Privilege Escalation
!/usr/bin/python Exploit Title: ossec 2.8 Insecure Temporary File Creation Vulnerability Privilege Escalation Date: 14-11-14 Exploit Author: skynet-13 Vendor Homepage: www.ossec.net/ Software Link: https://github.com/ossec/ossec-hids/archive/2.8.1.tar.gz Version: OSSEC - 2.8 Tested on: Ubuntu...
SuSE 11.1 Security Update : quota (SAT Patch Number 6737)
The quota package was updated to fix an issue with tcpwrappers, where hosts.allow/deny files would have not been correctly honored. CVE-2012-3417 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...
Design/Logic Flaw
The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny...
CVE-2012-3417
The CVE concerns the quota subsystem (Linux DiskQuota) prior to 3.17. The good_client function in rquotad (rquota_svc.c) can call hosts_ctl the first time without a host name, potentially bypassing TCP Wrappers rules in hosts.deny. Several connected advisories confirm affected packages and indica...
PT-2012-4698 · Linux +2 · Linux Diskquota +2
Name of the Vulnerable Software and Affected Versions: Linux DiskQuota aka quota versions prior to 3.17 Description: The issue concerns the good_client function in rquotad, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny. This occurs because the hosts_ctl function is...
Scientific Linux Security Update : nfs-utils on SL5.x i386/x86_64
It was discovered that nfs-utils did not use tcpwrappers correctly. Certain hosts access rules defined in '/etc/hosts.allow' and '/etc/hosts.deny' may not have been honored, possibly allowing remote attackers to bypass intended access restrictions. CVE-2008-4552 This updated package also fixes th...
CentOS 5 : nfs-utils (CESA-2009:1321)
An updated nfs-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that...
Low: Red Hat Security Advisory: nfs-utils security and bug fix update
An updated nfs-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that...
DEBIAN-CVE-2007-4321
fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol versi...