84 matches found
CVE-2022-29800
A time-of-check-time-of-use TOCTOU race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes...
CVE-2022-29799
A vulnerability was found in networkd-dispatcher. This flaw exists because no functions are sanitized by the OperationalState or the AdministrativeState of networkd-dispatcher. This attack leads to a directory traversal to escape from the “/etc/networkd-dispatcher” base directory...
CVE-2022-29799
CVE-2022-29799 affects networkd-dispatcher. The flaw arises because OperationalState/AdministrativeState are not sanitized, enabling a directory traversal to escape the /etc/networkd-dispatcher base directory. A local attacker could exploit this to escalate privileges or trigger code execution as...
CVE-2022-29799
A vulnerability was found in networkd-dispatcher. This flaw exists because no functions are sanitized by the OperationalState or the AdministrativeState of networkd-dispatcher. This attack leads to a directory traversal to escape from the “/etc/networkd-dispatcher” base directory...
CVE-2022-29799
A vulnerability was found in networkd-dispatcher. This flaw exists because no functions are sanitized by the OperationalState or the AdministrativeState of networkd-dispatcher. This attack leads to a directory traversal to escape from the “/etc/networkd-dispatcher” base directory...
USN-5395-2: networkd-dispatcher regression | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Origina...
USN-5395-1: networkd-dispatcher vulnerabilities | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code...
Ubuntu: Security Advisory (USN-5395-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5395-2: networkd-dispatcher regression
USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that networkd-dispatcher incorrectly handled internal...
USN-5395-2 networkd-dispatcher regression
USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that networkd-dispatcher incorrectly handled internal...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : networkd-dispatcher regression (USN-5395-2)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5395-2 advisory. USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This...
CVE-2022-29799
A vulnerability was found in networkd-dispatcher. This flaw exists because no functions are sanitized by the OperationalState or the AdministrativeState of networkd-dispatcher and lead to the directory traversal escaping from the “/etc/networkd-dispatcher” base directory...
CVE-2022-29800
A time-of-check-time-of-use TOCTOU race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a specific time between discovering and running the script. This flaw allows an attacker to replace scripts that networkd-dispatcher believes to be owned by root wit...
Directory Traversal
networkd-dispatcher is vulnerable to directory traversal. The vulnerability exists due to a lack of sanitization of the OperationalState or the AdministrativeState of networkd-dispatcher allowing an attacker to traverse from the “/etc/networkd-dispatcher” base directory...
Ubuntu: Security Advisory (USN-5395-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5395-1: networkd-dispatcher vulnerabilities
It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. CVE-2022-29799, CVE-2022-29800...
USN-5395-1 networkd-dispatcher vulnerabilities
It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. CVE-2022-29799, CVE-2022-29800...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : networkd-dispatcher vulnerabilities (USN-5395-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5395-1 advisory. It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue t...
networkd-dispatcher 安全漏洞
networkd-dispatcher is a scheduler daemon for systemd-networkd connection state changes by an individual developer at clayton craft in the United States. A security vulnerability exists in networkd-dispatcher versions 1.0 - 2.1 due to a race condition between a discovered script and a running...
The vulnerability of the networkd-dispatcher component, which manages connection states in Linux operating systems, and is part of the Systemd subsystem responsible for service initialization and management, allows a malicious actor to escalate their privileges or execute arbitrary code.
The vulnerabilities of the networkd-dispatcher component, which manages connection states and initializes services within Systemd in Linux operating systems, stem from synchronization errors when using shared resources. Exploiting these vulnerabilities can allow attackers to increase their...