110 matches found
sudo security, bug fix, and enhancement update
1.8.6p7-20 - RHEL 7.3 erratum - fixed visudo's -q flag Resolves: rhbz1350828
1.8.6p7-19 - RHEL 7.3 erratum - removed INPUTRC from envkeep to prevent a potential info leak Resolves: rhbz1340700
1.8.6p7-18 - RHEL 7.3 erratum - removed requiretty flag from the default sudoers policy - backported...
Untangle NGFW 12.1.0 Beta - 'execEvil()' Command Injection
!/usr/bin/python Title: Untangle NGFW "...
SUSE: Security Advisory for Linux (SUSE-SU-2014:0775-1)
The remote host is missing an update for the...
Design/Logic Flaw
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users to change the root password for arbitrary ploop containers, as demonstrated by a symlink attack on the...
Linux local MYSQL and /etc/passwd password cracker and finder
This is a password finder for Linux servers. This can be used if you don't have uid=0. Also worked with another uid like user nobody 33. This finder helps you to find easy passwords like MYSQL and local user passwords from /etc/passwd. Also it works on nobody and apache users. Sometime most MYSQL...
AIX 7.1 TL 1 : bos.mp64 (U854884)
The remote host is missing AIX PTF U854884, which is related to the security of the package bos.mp64. The root owned files can be read by non-root users only when the directory permissions are set allowed for non-root users. For example, a non-root user won't be able to read anything under...
AIX 6.1 TL 6 : bos.mp64 (U854751)
The remote host is missing AIX PTF U854751, which is related to the security of the package bos.mp64. The root owned files can be read by non-root users only when the directory permissions are set allowed for non-root users. For example, a non-root user won't be able to read anything under...
AIX 6.1 TL 7 : bos.mp64 (U854618)
The remote host is missing AIX PTF U854618, which is related to the security of the package bos.mp64. The root owned files can be read by non-root users only when the directory permissions are set allowed for non-root users. For example, a non-root user won't be able to read anything under...
AIX 6.1 TL 8 : ftp (IV28651)
The root owned files can be read by non-root users only when the directory permissions are set allowed for non-root users. For example, a non-root user won't be able to read anything under /etc/security, but can read files like /etc/rc.wpars under ftp.
AIX 6.1 TL 7 : ftp (IV23331)
The root owned files can be read by non-root users only when the directory permissions are set allowed for non-root users. For example, a non-root user won't be able to read anything under /etc/security, but can read files like /etc/rc.wpars under ftp.
AIX 6.1 TL 6 : ftp (IV28715)
The root owned files can be read by non-root users only when the directory permissions are set allowed for non-root users. For example, a non-root user won't be able to read anything under /etc/security, but can read files like /etc/rc.wpars under ftp.
VMSA-2012-0009 : ESXi and ESX patches address critical security issues (uncredentialed check)
The remote VMware ESX/ESXi host is affected by the following security vulnerabilities : - ESX NFS traffic parsing vulnerability: Due to a flaw in the handling of NFS traffic, it is possible to overwrite memory. This vulnerability may allow a user with access to the network to execute code on the...
Fedora 16 : grub2-1.99-13.fc16.3 (2012-7579)
Don't allow non-root users to view contents of /etc/grub.d CVE-2012-2314
CVE-2011-1550
The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as...
Fedora 12 : lvm2-2.02.72-4.fc12 (2010-12250)
This update addresses a security problem when using the clustered LVM daemon clvmd from the package lvm2-cluster on systems where you have non-root users. The lvm2 package on its own is not vulnerable to this problem but if you are using lvm2-cluster you must update both together. Further details...
Fedora 13 : lvm2-2.02.73-2.fc13 / udisks-1.0.1-4.fc13 (2010-13708)
This update addresses a security problem when using the clustered LVM daemon clvmd from the package lvm2-cluster on systems where you have non-root users. The lvm2 package on its own is not vulnerable to this problem but if you are using lvm2-cluster you must update both together. Further details...
Mandriva Update for xfig MDVA-2010:061 (xfig)
Check for the Version of xfig
Ubuntu Update for xen-3.0 vulnerability USN-527-1
Ubuntu Update for Linux kernel vulnerabilities USN-527-1
Ubuntu: Security Advisory (USN-527-1)
The remote host is missing an update for the...
Design/Logic Flaw
os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-roo...