11 matches found
EUVD-2018-10763
Malware in sbrugna...
SUSE CVE-2018-19045
keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information...
EulerOS 2.0 SP5 : keepalived (EulerOS-SA-2020-1919)
According to the version of the keepalived package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local...
Huawei EulerOS: Security Advisory for keepalived (EulerOS-SA-2020-1157)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2018-19045
keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information...
CVE-2018-19044
keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or...
CVE-2018-19046
keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name e.g., /tmp/keepalived.data or /tmp/keepalived.stats, with read access for the attacker and...
CVE-2018-19045
keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information...
DEBIAN-CVE-2018-19044
keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or...
CVE-2018-19044
CVE-2018-19044 applies to keepalived 2.0.8, where improper pathname validation allows local users to overwrite arbitrary files via symlinks when writing to a temporary file (examples: /tmp/keepalived.data or /tmp/keepalived.stats symlinked to /etc/passwd) if fs.protected_symlinks is 0. Connected ...
CVE-2018-19044
keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or...