24 matches found
EUVD-2021-7610
Malicious code in bioql PyPI...
EUVD-2024-47130
Malicious code in bioql PyPI...
RockyLinux 9 : nano (RLSA-2024:9430)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9430 advisory. nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742...
RLSA-2024:9430 Low: nano security update
GNU nano is a small and friendly text editor. Security Fixes: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 For more details about the security issues, including the impact, a CVSS scor...
Astra Linux – Vulnerability in nano
A vulnerability was discovered in GNU Nano, which allows for potential privilege escalation through an insecure temporary file. If Nano is terminated while editing, a file that it saves to an emergency file, with permissions set to those of the running user, creates an opportunity for attackers t...
Low: Red Hat Security Advisory: nano security update
An update for nano is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
RHEL 9 : nano (RHSA-2024:9430)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9430 advisory. GNU nano is a small and friendly text editor. Security Fixes: nano: running chmod and chown on the filename allows malicious user to replace the...
USN-7064-2: nano vulnerability
USN-7064-1 fixed a vulnerability in nano. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions grante...
USN-7064-1 nano vulnerability
It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink...
USN-7064-1: nano vulnerability
It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink...
RLSA-2024:6986 Low: nano security update
GNU nano is a small and friendly text editor. Security Fixes: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 For more details about the security issues, including the impact, a CVSS scor...
nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
Low: Red Hat Security Advisory: nano security update
An update for nano is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
ALSA-2024:6986 Low: nano security update
GNU nano is a small and friendly text editor. Security Fixes: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 For more details about the security issues, including the impact, a CVSS scor...
Medium: nano
Issue Overview: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 Affected Packages: nano Issue Correction: Run dnf update nano --releasever 2023.5.20240722 or dnf update --advisory...
Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file
...
CVE-2024-5742
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
CVE-2024-5742
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
CVE-2024-5742 Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...