MiracleLinux 8 : oddjob-0.34.5-3.el8 (AXSA:2021-1235:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1235:01 advisory. oddjob: race condition in oddjobselinuxmkdir function in mkhomedir.c can lead to symlink attack CVE-2020-10737 Tenable has extracted the preceding descriptio...

TencentOS Server 3: oddjob (TSSA-2022:0053)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0053 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

EUVD-2020-3161

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-10737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomed...

SUSE CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

USN-5169-1 oddjob vulnerability

Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated attacker could use this to setup a symlink attack and change permissions on files on the host filesystem...

Advisory ROSA-SA-2021-1934

Software: oddjob 0.31.5 OS: Cobalt 7.9 CVE-ID: CVE-2020-10737 CVE-Crit: MEDIUM CVE-DESC: A race condition was discovered in the mkhomedir tool provided with the oddjob package in versions prior to 0.34.5 and 0.34.6, whereby during the creation of the home directory, mkhomedir copies the / etc /...

NewStart CGSL MAIN 6.02 : oddjob Vulnerability (NS-SA-2021-0063)

The remote NewStart CGSL host, running version MAIN 6.02, has oddjob packages installed that are affected by a vulnerability: - A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies...

EulerOS 2.0 SP2 : oddjob (EulerOS-SA-2021-1334)

According to the version of the oddjob packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home...

Oracle Linux 8 : oddjob (ELSA-2020-4687)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4687 advisory. 0.34.5-3 - Support HOMEMODE from /etc/login.defs Resolves: rhbz1886362 0.34.5-2 - Add gating tests using idm:DL1 module stream and upstream tests Resolves:...

EulerOS 2.0 SP5 : oddjob (EulerOS-SA-2020-2260)

According to the version of the oddjob packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home...

DEBIAN-CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

Race condition

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

UBUNTU-CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

CVE-2020-10737

CVE-2020-10737 is a race-condition vulnerability in the mkhomedir tool from the oddjob package (pre-0.34.5 and pre-0.34.6). During home creation, mkhomedir copies /etc/skel into the new home and changes ownership to the new user without proper homedir-path validation. An attacker can abuse a syml...

oddjob path traversal vulnerability

oddjob is a software package for D-Bus with public gateway interface functionality. A path traversal vulnerability exists in the mkhomedir tool in versions of oddjob prior to 0.34.5 and prior to 0.34.6, which stems from the fact that during the creation of a home directory, mkhomedir copies the...

CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package. During the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the homedir path. This flaw allows an attacker to...