CLSA-2022-1649695900 Fix of CVE: CVE-2021-41617

CVE-2021-41617: add missing initgroups required before setresgid...

CLSA-2022-1649695840 Fix of CVE: CVE-2021-41617

CVE-2021-41617: add missing initgroups required before setresgid...

sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

sssd bug fix and enhancement update

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...

CLSA-2021-1639681866 Fix CVE(s): CVE-2021-41617

SECURITY UPDATE: helper programs may run with privilege escalation - debian/patches/CVE-2021-41617.patch: set initgroups before setresgid - CVE-2021-41617...

SUSE: Security Advisory (SUSE-SU-2012:0127-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2019:0789-1 Security update for ntp

This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other isses addressed: - Fixed an issue which caused openSSL mismatch bsc1125401 - Fixed...

SUSE SLES12 Security Update : ntp (SUSE-SU-2019:0775-1)

This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other issues addressed: Fixed several bugs in the BANCOMM reclock driver. Fixed...

SUSE SLES11 Security Update : ntp (SUSE-SU-2019:13991-1)

This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other issues addressed: Make sure that SLE12 version is higher than the one in SLE11...

SUSE-SU-2019:0775-1 Security update for ntp

This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other issues addressed: - Fixed several bugs in the BANCOMM reclock driver. - Fixed...

RedHat Update for sssd RHSA-2015:2355-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE 11.1 Security Update : KVM (SAT Patch Number 5655)

The following vulnerabilities have been fixed in KVM : - buffer overflow in e1000 device emulation. CVE-2012-0029 - missing initgroups for -runas CVE-2011-2527 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...

SuSE 11.1 Security Update : glibc (SAT Patch Number 2700)

This update of glibc fixes the following bugs and security issues : - The implementation of initgroups of the nsscompat module omits all NIS groups at the second invocation within the same process, and also uses a needlessly inefficient method to determine the NIS groups. - An integer overflow th...

SuSE 10 Security Update : cron (ZYPP Patch Number 6865)

This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. - CVSS v2 Base Score: 3.6 Additionally the return value of initgroups is verified now. CVE-2010-0424 %NASLMINLEVEL 70300 C Tenable Network Security,...

openSUSE Security Update : cron (cron-2026)

This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. CVE-2010-0424: CVSS v2 Base Score: 3.6 Additionally the return value of initgroups is verified now. %NASLMINLEVEL 70300 C Tenable Network Security,...

openSUSE Security Update : cron (cron-2026)

This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. CVE-2010-0424: CVSS v2 Base Score: 3.6 Additionally the return value of initgroups is verified now. %NASLMINLEVEL 70300 C Tenable Network Security,...

SuSE 11 Security Update : cron (SAT Patch Number 2027)

This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. Additionally the return value of initgroups is verified now. CVE-2010-0424: CVSS v2 Base Score: 3.6 %NASLMINLEVEL 70300 C Tenable Network Security,...

openSUSE Security Update : cron (cron-2026)

This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry. CVE-2010-0424: CVSS v2 Base Score: 3.6 Additionally the return value of initgroups is verified now. %NASLMINLEVEL 70300 C Tenable Network Security,...

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : cron vulnerability (USN-778-1)

It was discovered that cron did not properly check the return code of the setgid and initgroups system calls. A local attacker could use this to escalate group privileges. Please note that cron versions 3.0pl1-64 and later were already patched to address the more serious setuid check referred to ...