EUVD-2020-3161

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-10737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomed...

RHEL 7 : oddjob (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - oddjob: race condition in oddjobselinuxmkdir function in mkhomedir.c can lead to symlink attack CVE-2020-10737 Note...

CentOS 9 : oddjob-0.34.7-6.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the oddjob-0.34.7-6.el9 build changelog. - A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : oddjob vulnerability (USN-5169-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5169-1 advisory. Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated...

Ubuntu: Security Advisory (USN-5169-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5169-1 oddjob vulnerability

Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated attacker could use this to setup a symlink attack and change permissions on files on the host filesystem...

Oracle Linux 8 : oddjob (ELSA-2020-4687)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4687 advisory. 0.34.5-3 - Support HOMEMODE from /etc/login.defs Resolves: rhbz1886362 0.34.5-2 - Add gating tests using idm:DL1 module stream and upstream tests Resolves:...

Moderate: oddjob security, bug fix, and enhancement update

The oddjob packages contain a D-Bus service which performs particular tasks for clients which connect to it and issue requests using the system-wide message bus. The following packages have been upgraded to a later upstream version: oddjob 0.34.5. BZ1833289 Security Fixes: oddjob: race condition ...

EulerOS 2.0 SP3 : oddjob (EulerOS-SA-2020-2086)

According to the version of the oddjob packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home...

CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

Race condition

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

CVE-2020-10737

A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the...

CVE-2020-10737

CVE-2020-10737 is a race-condition vulnerability in the mkhomedir tool from the oddjob package (pre-0.34.5 and pre-0.34.6). During home creation, mkhomedir copies /etc/skel into the new home and changes ownership to the new user without proper homedir-path validation. An attacker can abuse a syml...