37 matches found
EUVD-2002-0757
Malware in sbrugna...
AZL-40291 CVE-2024-33600 affecting package glibc for versions less than 2.38-11
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's nscd cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This...
openSUSE: Security Advisory for ldb, samba (SUSE-SU-2022:2586-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2008-4552
The goodclient function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions...
SUSE: Security Advisory (SUSE-SU-2022:2659-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:2582-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OpenSSH 3.2.2 Security Vulnerability
A possible security issue for sshd in OpenBSD has been reported. A vulnerability related to the implementation of BSD authentication exists in sshd that may have security implications. In access configurations which use YP with netgroups, sshd will authenticate users via ACL by checking for the...
Security update for sudo (important)
This update for sudo fixes the following issues: CVE-2017-1000367: - Due to incorrect assumptions in /proc/pid/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. bsc1039361 - Fix FQDN for...
openSUSE Security Update : sudo (openSUSE-2017-636)
This update for sudo fixes the following issues : CVE-2017-1000367 : - Due to incorrect assumptions in /proc/pid/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. bsc1039361 - Fix FQDN for...
SUSE SLED12 / SLES12 Security Update : sudo (SUSE-SU-2017:1450-1)
This update for sudo fixes the following issues: CVE-2017-1000367 : - Due to incorrect assumptions in /proc/pid/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. bsc1039361 - Fix FQDN for...
SUSE SLED12 / SLES12 Security Update : sudo (SUSE-SU-2017:1446-1)
This update for sudo fixes the following issues: CVE-2017-1000367 : - Due to incorrect assumptions in /proc/pid/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. bsc1039361 - Fix FQDN for...
SUSE-SU-2017:1450-1 Security update for sudo
This update for sudo fixes the following issues: CVE-2017-1000367: - Due to incorrect assumptions in /proc/pid/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. bsc1039361 - Fix FQDN for...
SUSE-SU-2017:1446-1 Security update for sudo
This update for sudo fixes the following issues: CVE-2017-1000367: - Due to incorrect assumptions in /proc/pid/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. bsc1039361 - Fix FQDN for...
glibc, nscd security update
CentOS Errata and Security Advisory CESA-2015:0327 Updated glibc packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS bas...
RedHat Update for glibc RHSA-2015:0327-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: glibc security and bug fix update
Updated glibc packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
OpenSSH < 3.2.3 YP Netgroups Authentication Bypass
According to its banner, the version of OpenSSH running on the remote host is older than 3.2.3. It therefore may be affected by an authentication bypass issue. On systems using YP with netgroups, sshd authenticates users via ACL by checking for the requested username and password. Under certain...
nfs-utils security and bug fix update
1.0.9-42 - mountd: Check host alias with netgroups bz 478952 - exportfs: fixed typo in man page bz 474848 - nfs.init: NFS server reboot results in 'Stale NFS file handle' bz 474449 - nfslock.init: options not correctly parsed bz 459591 - mount.nfs: mounts fail with read-only /etc bz 450646 -...
nfs-utils: incorrect use of tcp_wrappers, causing hostname-based rules to be ignored
The goodclient function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions...
Mandrake Security Advisory MDVSA-2009:060-1 (nfs-utils)
The remote host is missing an update to nfs-utils announced via advisory MDVSA-2009:060-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...