MiracleLinux 8 : systemd-239-45.el8 (AXSA:2021-2177:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2177:05 advisory. systemd: Spoofing of XDGSEAT allows for actions to be checked against allowactive instead of allowany CVE-2019-3842 systemd: Mishandles numerical...

Linux Distros Unpatched Vulnerability : CVE-2017-1000082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - systemd v233 and earlier fails to safely parse usernames starting with a numeric digit e.g. 0day, running the service in question with root privileges rather th...

SUSE CVE-2020-13776

systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082...

systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits

A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or "0x" followed by hexadecimal digits. When the usernames are used by systemd, for example in service units, an unexpected user may be used instead. In some particular configurations, this flaw...

systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits

A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or "0x" followed by hexadecimal digits. When the usernames are used by systemd, for example in service units, an unexpected user may be used instead. In some particular configurations, this flaw...

systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.

...

UBUNTU-CVE-2020-13776

systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082...

DEBIAN-CVE-2017-1000082

systemd v233 and earlier fails to safely parse usernames starting with a numeric digit e.g. "0day", running the service in question with root privileges rather than the user intended...

UBUNTU-CVE-2017-1000082

systemd v233 and earlier fails to safely parse usernames starting with a numeric digit e.g. "0day", running the service in question with root privileges rather than the user intended...