EUVD-2018-10763

Malware in sbrugna...

The vulnerability lies in the implementation of the PrintData or PrintStats functions in the network traffic balancing system’s Keepalived module. This allows a attacker to re-record arbitrary files.

The vulnerability in the implementation of the PrintData or PrintStats functions of the network traffic balancing system Keepalived is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow an attacker to re-record arbitrary files...

The vulnerability lies in the implementation of the PrintData or PrintStats functions in the network traffic balancing system’s Keepalived component. This allows attackers to gain access to the protected information.

The vulnerability of the PrintData or PrintStats implementation in the network traffic balancing system of Keepalived lies in the lack of protection for service data when the MODE=“0666” mode is used. Exploiting this vulnerability can allow an attacker to gain access to the protected information...

The vulnerability lies in the implementation of the PrintData or PrintStats functions in the network traffic balancing system’s Keepalived component. This allows attackers to gain access to the protected information.

The vulnerability of the PrintData or PrintStats implementation in the network traffic balancing system of Keepalived is related to errors in processing temporary files. Exploiting this vulnerability can allow an attacker to access protected information through a specially created file...

EulerOS 2.0 SP5 : keepalived (EulerOS-SA-2020-1919)

According to the version of the keepalived package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local...

Medium: keepalived

Issue Overview: keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data...

CVE-2018-19045

keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information...

DEBIAN-CVE-2018-19045

keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information...

CVE-2018-19045

CVE-2018-19045 affects keepalived up to version 2.0.8, where creating new temporary files with mode 0666 can leak sensitive information. Connected advisories show this CVE as part of a set against keepalived 2.x, with related fixes in later releases (e.g., openSUSE-2019-1008 notes upgrading to 2....

CVE-2018-19045

keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information...