201 matches found
libuser security update
CentOS Errata and Security Advisory CESA-2015:1482 Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whic...
Updated libuser package fixes security vulnerabilities
Two flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate the...
MGASA-2015-0278 Updated libuser package fixes security vulnerabilities
Two flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate the...
libuser security update
CentOS Errata and Security Advisory CESA-2015:1483 Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whic...
RHEL 7 : libuser (RHSA-2015:1483)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1483 advisory. The libuser library implements a standardized interface for manipulating and administering user and group accounts. Sample applications that...
libuser: multiple issues
CVE-2015-3245 denial of service It was found that libuser, as used by the chfn userhelper functionality, did not properly filter out newline characters in GECOS fields. A local, authenticated user could use this flaw to corrupt the /etc/passwd file, resulting in a denial-of-service on the system...
RHEL 6 : libuser (RHSA-2015:1482)
Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...
Oracle Linux 7 : libuser (ELSA-2015-1483)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1483 advisory. - Update CVE-2015-3246 patch based on review comments Resolves: 1235519 Tenable has extracted the preceding description block directly from the Oracle...
libuser: Security flaw in handling /etc/passwd file
A flaw was found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their...
Important: Red Hat Security Advisory: libuser security update
Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...
libuser: does not filter newline characters in the GECOS field
It was found that libuser, as used by the chfn userhelper functionality, did not properly filter out newline characters in GECOS fields. A local, authenticated user could use this flaw to corrupt the /etc/passwd file, resulting in a denial-of-service on the system...
libuser: Security flaw in handling /etc/passwd file
A flaw was found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their...
Important: Red Hat Security Advisory: libuser security update
Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...
libuser: does not filter newline characters in the GECOS field
It was found that libuser, as used by the chfn userhelper functionality, did not properly filter out newline characters in GECOS fields. A local, authenticated user could use this flaw to corrupt the /etc/passwd file, resulting in a denial-of-service on the system...
libuser security update
0.60-7 - Update CVE-2015-3246 patch based on review comments Resolves: 1235519 0.60-6 - Fix CVE-2015-3246 Resolves: 1235519...
Qualys Security Advisory - userhelper / libuser
Qualys Security Advisory CVE-2015-3245 userhelper chfn newline filtering CVE-2015-3246 libuser passwd file handling -- Summary ----------------------------------------------------------------- The libuser library implements a standardized interface for manipulating and administering user and grou...
Important: usermode, libuser
Issue Overview: It was found that libuser, as used in the chfn userhelper functionality, does not properly filter out newline characters, which allows an authenticated local attacker to corrupt the /etc/passwd file and cause denial-of-service against the system. CVE-2015-3245 A flaw was found in...
PT-2015-6121 · Libuser +2 · Libuser +2
Name of the Vulnerable Software and Affected Versions: libuser versions prior to 0.56.13-8 libuser versions prior to 0.60-7 Description: The issue allows local users to cause a denial of service, resulting in /etc/passwd corruption, via a newline character in the GECOS field. A local, authenticat...
SOL16877 - libuser vulnerability CVE-2011-0002
libuser before 0.57 uses a cleartext password value of 1 !! or 2 x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values. CVE-2011-0002...
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality and integrity of protected information.
The vulnerability of the libuser-devel-0.52.5 package on the CentOS operating system can lead to violations of confidentiality and integrity of protected information. This vulnerability can be exploited remotely...