EUVD-2018-10763

Malware in sbrugna...

EulerOS 2.0 SP5 : keepalived (EulerOS-SA-2020-1919)

According to the version of the keepalived package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local...

Medium: keepalived

Issue Overview: keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data...

CVE-2018-19045

keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information...

DEBIAN-CVE-2018-19045

keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information...

CVE-2018-19045

keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information...

CVE-2018-19045

CVE-2018-19045 affects keepalived up to version 2.0.8, where creating new temporary files with mode 0666 can leak sensitive information. Connected advisories show this CVE as part of a set against keepalived 2.x, with related fixes in later releases (e.g., openSUSE-2019-1008 notes upgrading to 2....