MiracleLinux 9 : keepalived-2.2.8-4.el9_5 (AXSA:2025-9635:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9635:02 advisory. keepalived: Integer overflow vulnerability in vrrpipsetshandler CVE-2024-41184 Tenable has extracted the preceding description block directly from the...

EUVD-2011-1782

Malware in sbrugna...

EUVD-2018-10828

Malware in sbrugna...

EUVD-2018-10762

Malware in sbrugna...

NewStart CGSL MAIN 7.02 : keepalived Vulnerability (NS-SA-2025-0171)

The remote NewStart CGSL host, running version MAIN 7.02, has keepalived packages installed that are affected by a vulnerability: - In the vrrpipsetshandler handler fglobalparser.c of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an...

NewStart CGSL MAIN 7.02 : keepalived Vulnerability (NS-SA-2025-0079)

The remote NewStart CGSL host, running version MAIN 7.02, has keepalived packages installed that are affected by a vulnerability: - In the vrrpipsetshandler handler fglobalparser.c of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an...

Alibaba Cloud Linux 3 : 0203: keepalived (ALINUX3-SA-2022:0203)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0203 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-44225: In Keepalived through 2.2.4, the...

SUSE CVE-2024-41184

In the vrrpipsetshandler handler fglobalparser.c of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user...

SUSE CVE-2018-19046

keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name e.g., /tmp/keepalived.data or /tmp/keepalived.stats, with read access for the attacker and...

Amazon Linux 2022 : keepalived (ALAS2022-2022-038)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-038 advisory. A flaw was found in keepalived, where an improper authentication vulnerability allows an unprivileged user to change properties that could lead to an access-control bypass. CVE-2021-44225 Tenable has...

SUSE SLES15 Security Update : keepalived (SUSE-SU-2022:2923-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2923-1 advisory. - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and...

Rocky Linux 8 : keepalived (RLSA-2022:1930)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1930 advisory. - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property...

AlmaLinux 8 : keepalived (ALSA-2022:1930)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:1930 advisory. - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property...

USN-5188-1: Keepalived vulnerability

It was discovered that Keepalived incorrectly handled certain messages. An attacker could possibly use this issue to access-control bypass...

Ubuntu 18.04 LTS / 20.04 LTS : Keepalived vulnerability (USN-5188-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5188-1 advisory. It was discovered that Keepalived incorrectly handled certain messages. An attacker could possibly use this issue to access-control bypass. Tenable ha...

NewStart CGSL CORE 5.04 / MAIN 5.04 : keepalived Vulnerability (NS-SA-2019-0219)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has keepalived packages installed that are affected by a vulnerability: - keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed loca...

RHEL 7 : keepalived (RHSA-2019:2285)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:2285 advisory. The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the...

USN-3995-2 keepalived vulnerability

USN-3995-1 fixed a vulnerability in keepalived. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Keepalived incorrectly handled certain HTTP status response codes. A remote attacker could use this issue to...

MGASA-2018-0494 Updated keepalived package fixes security vulnerabilities

keepalived before version 2.0.9 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data ...

CVE-2018-19044

keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or...