Lucene search
K

201 matches found

Cent OS
Cent OS
added 2015/07/26 2:24 p.m.409 views

libuser security update

CentOS Errata and Security Advisory CESA-2015:1482 Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whic...

7.2CVSS6.8AI score0.06853EPSS
Exploits10References7
Mageia
Mageia
added 2015/07/24 4:36 p.m.31 views

Updated libuser package fixes security vulnerabilities

Two flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate the...

7.2CVSS9.1AI score0.06853EPSS
Exploits10References5
OSV
OSV
added 2015/07/24 4:36 p.m.9 views

MGASA-2015-0278 Updated libuser package fixes security vulnerabilities

Two flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate the...

7.2CVSS6.6AI score0.06853EPSS
Exploits10References6
Cent OS
Cent OS
added 2015/07/24 11:44 a.m.73 views

libuser security update

CentOS Errata and Security Advisory CESA-2015:1483 Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whic...

7.2CVSS6.8AI score0.06853EPSS
Exploits10References7
Tenable Nessus
Tenable Nessus
added 2015/07/24 12:0 a.m.39 views

RHEL 7 : libuser (RHSA-2015:1483)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1483 advisory. The libuser library implements a standardized interface for manipulating and administering user and group accounts. Sample applications that...

7.2CVSS7.1AI score0.06853EPSS
Exploits10References6
ArchLinux
ArchLinux
added 2015/07/24 12:0 a.m.38 views

libuser: multiple issues

CVE-2015-3245 denial of service It was found that libuser, as used by the chfn userhelper functionality, did not properly filter out newline characters in GECOS fields. A local, authenticated user could use this flaw to corrupt the /etc/passwd file, resulting in a denial-of-service on the system...

7.2CVSS2.3AI score0.06853EPSS
Exploits10References3
Tenable Nessus
Tenable Nessus
added 2015/07/24 12:0 a.m.44 views

RHEL 6 : libuser (RHSA-2015:1482)

Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...

7.2CVSS6.8AI score0.06853EPSS
Exploits10References5
Tenable Nessus
Tenable Nessus
added 2015/07/24 12:0 a.m.29 views

Oracle Linux 7 : libuser (ELSA-2015-1483)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1483 advisory. - Update CVE-2015-3246 patch based on review comments Resolves: 1235519 Tenable has extracted the preceding description block directly from the Oracle...

7.2CVSS7.2AI score0.06853EPSS
Exploits10References3
RedHat Linux
RedHat Linux
added 2015/07/23 8:44 p.m.4 views

libuser: Security flaw in handling /etc/passwd file

A flaw was found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their...

7.2CVSS7.3AI score0.06853EPSS
Exploits10References5
RedHat Linux
RedHat Linux
added 2015/07/23 8:44 p.m.40 views

Important: Red Hat Security Advisory: libuser security update

Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...

7.2CVSS6.8AI score0.06853EPSS
Exploits10References3
RedHat Linux
RedHat Linux
added 2015/07/23 8:44 p.m.3 views

libuser: does not filter newline characters in the GECOS field

It was found that libuser, as used by the chfn userhelper functionality, did not properly filter out newline characters in GECOS fields. A local, authenticated user could use this flaw to corrupt the /etc/passwd file, resulting in a denial-of-service on the system...

2.1CVSS7.3AI score0.05315EPSS
Exploits9References5
RedHat Linux
RedHat Linux
added 2015/07/23 5:59 p.m.2 views

libuser: Security flaw in handling /etc/passwd file

A flaw was found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their...

7.2CVSS7.3AI score0.06853EPSS
Exploits10References5
RedHat Linux
RedHat Linux
added 2015/07/23 5:59 p.m.36 views

Important: Red Hat Security Advisory: libuser security update

Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...

7.2CVSS6.8AI score0.06853EPSS
Exploits10References3
RedHat Linux
RedHat Linux
added 2015/07/23 5:59 p.m.4 views

libuser: does not filter newline characters in the GECOS field

It was found that libuser, as used by the chfn userhelper functionality, did not properly filter out newline characters in GECOS fields. A local, authenticated user could use this flaw to corrupt the /etc/passwd file, resulting in a denial-of-service on the system...

2.1CVSS7.3AI score0.05315EPSS
Exploits9References5
Oracle linux
Oracle linux
added 2015/07/23 12:0 a.m.28 views

libuser security update

0.60-7 - Update CVE-2015-3246 patch based on review comments Resolves: 1235519 0.60-6 - Fix CVE-2015-3246 Resolves: 1235519...

7.2CVSS1.8AI score0.06853EPSS
Exploits10
Packet Storm
Packet Storm
added 2015/07/23 12:0 a.m.55 views

Qualys Security Advisory - userhelper / libuser

Qualys Security Advisory CVE-2015-3245 userhelper chfn newline filtering CVE-2015-3246 libuser passwd file handling -- Summary ----------------------------------------------------------------- The libuser library implements a standardized interface for manipulating and administering user and grou...

7.2CVSS7.1AI score0.06853EPSS
Exploits10
Amazon
Amazon
added 2015/07/23 12:0 a.m.40 views

Important: usermode, libuser

Issue Overview: It was found that libuser, as used in the chfn userhelper functionality, does not properly filter out newline characters, which allows an authenticated local attacker to corrupt the /etc/passwd file and cause denial-of-service against the system. CVE-2015-3245 A flaw was found in...

7.2CVSS7.3AI score0.06853EPSS
Exploits10References1
Positive Technologies
Positive Technologies
added 2015/07/23 12:0 a.m.3 views

PT-2015-6121 · Libuser +2 · Libuser +2

Name of the Vulnerable Software and Affected Versions: libuser versions prior to 0.56.13-8 libuser versions prior to 0.60-7 Description: The issue allows local users to cause a denial of service, resulting in /etc/passwd corruption, via a newline character in the GECOS field. A local, authenticat...

7.2CVSS6.6AI score0.06853EPSS
Exploits10References44
F5 Networks
F5 Networks
added 2015/07/02 12:0 a.m.29 views

SOL16877 - libuser vulnerability CVE-2011-0002

libuser before 0.57 uses a cleartext password value of 1 !! or 2 x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values. CVE-2011-0002...

6.4CVSS5.3AI score0.0379EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality and integrity of protected information.

The vulnerability of the libuser-devel-0.52.5 package on the CentOS operating system can lead to violations of confidentiality and integrity of protected information. This vulnerability can be exploited remotely...

6.4CVSS5.4AI score0.0379EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder