new packages: libconfig

An update is available for libconfig. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpri...

Applicative Protocol Multiplexer: SSLH

sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client. Probes for HTTP, SSL, SSH, OpenVPN, tinc, XMPP are implemented, and any other protocol that can be tested using a regular expression, can be...

CVE-2017-0374

lib/Config/Model.pm in Config-Model aka libconfig-model-perl before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array...

CVE-2017-0373

The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...

CVE-2017-0373

The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...

CVE-2017-0373

Config-Model (libconfig-model-perl) before 2.102 contains a dangerous "use lib" line in GenClassPod.pm that could let remote attackers influence the system via a crafted Debian package. This CVE-2017-0373 detail is consistently described across multiple feeds (NVD, CNVD, OSV, Ubuntu, Debian OSV, ...

CVE-2017-0373

The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...

CVE-2017-0374

Affected software/component: libconfig-model-perl (Config-Model) – the file lib/Config/Model.pm. Vulnerability: in versions before 2.102, a crafted model in the current working directory can cause local privilege elevation via the INC path mechanism (use of “.” with INC). Impact: local users can ...

MALHEUR - Automatic Analysis of Malware Behavior

A novel tool for malware analysis Malheur is a tool for the automatic analysis of malware behavior program behavior recorded from malicious software in a sandbox environment. It has been designed to support the regular analysis of malicious software and the development of detection and defense...

Ubuntu Update for libconfig-inifiles-perl USN-1543-1

Ubuntu Update for Linux kernel vulnerabilities USN-1543-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15431.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for libconfig-inifiles-perl USN-1543-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-1543-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1543-1: Config-IniFiles vulnerability

It was discovered that the perl Config::IniFiles module created temporary files in an unsafe manner. A local user with write access to the directory containing a configuration file that Config-IniFiles manipulates could exploit this to overwrite arbitrary files...