90 matches found
CVE-2017-6507
An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...
UBUNTU-CVE-2017-6507
An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...
jboss: jbossas writable config files allow privilege escalation
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group root:jboss, 664. On systems using classic /etc/init.d init scripts i.e. on Red Hat Enterprise Linux 6 a...
jboss: jbossas writable config files allow privilege escalation
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group root:jboss, 664. On systems using classic /etc/init.d init scripts i.e. on Red Hat Enterprise Linux 6 a...
jboss: jbossas writable config files allow privilege escalation
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group root:jboss, 664. On systems using classic /etc/init.d init scripts i.e. on Red Hat Enterprise Linux 6 a...
jboss: jbossas writable config files allow privilege escalation
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group root:jboss, 664. On systems using classic /etc/init.d init scripts i.e. on Red Hat Enterprise Linux 6 a...
Linux Australia Breached by Hackers
Linux Australia, a consortium in charge of organizing Linux conferences Down Under, acknowledged over the weekend it was breached by attackers who were able to secure access to one of its servers, and with it, potential user information. In a detailed email to users on Saturday, the group’s...
RHEL 6 : kernel (RHSA-2013:0662)
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, whi...
CVE-2013-6124
The CVE-2013-6124 entry describes a local privilege escalation in Code Aurora Forum (CAF) Android 4.1.x–4.4.x where Qualcomm Innovation Center (QuIC) init scripts allow a symlink attack to modify file metadata. Specifically, during device startup, init shell scripts run with root privileges and m...
Qualcomm chown init scripts
Insecure owner/permission changes in init shell scripts CVE-2013-6124: During the device start-up phase, several init shell scripts are executed with root privileges to configure various aspects of the system. During this process, standard toolchain commands such as chown or chmod are used to,...
Updated varnish packages fix CVE-2013-4484 and correct service behaviour
Updated varnish packages fix security vulnerabilities: Varnish before 3.0.5 allows remote attackers to cause a denial of service child-process crash and temporary caching outage via a GET request with trailing whitespace characters and no URI CVE-2013-4484. Also, the services have been converted...
Fedora Update for systemd FEDORA-2013-17203
Check for the Version of systemd OpenVAS Vulnerability Test Fedora Update for systemd FEDORA-2013-17203 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 19 Update: systemd-204-15.fc19
systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups,...
Input validation
The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...
CVE-2013-1976
The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...
CVE-2013-1976
The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...
Important: Red Hat Security Advisory: tomcat5 and tomcat6 security update
Updated tomcat5 and tomcat6 packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...
tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)
The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, whi...
DEBIAN-CVE-2012-5530
The 1 pcmd and 2 pmlogger init scripts in Performance Co-Pilot PCP before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/ temporary file...