Debian dla-3377 : libnss-myhostname - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3377 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3377-1 [email protected] https://www.debian.org/lts/security/...

[SECURITY] [DLA 3377-1] systemd security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3377-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk March 31, 2023 https://wiki.debian.org/LTS -...

SUSE SLES15 Security Update : sudo (SUSE-SU-2023:1698-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1698-1 advisory. - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape contro...

SUSE SLES12 Security Update : sudo (SUSE-SU-2023:1700-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1700-1 advisory. - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape contro...

SUSE SLES15 Security Update : sudo (SUSE-SU-2023:1699-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1699-1 advisory. - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape contro...

QNAP QTS Multiple Vulnerabilities (QSA-23-02, QSA-23-03, QSA-23-06, QSA-23-10, QSA-23-11, QSA-23-15)

QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:1699-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:1698-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:1700-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

QNAP QuTS hero Multiple Vulnerabilities (QSA-23-02, QSA-23-06, QSA-23-10, QSA-23-11, QSA-23-15)

QNAP QuTS hero is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutshero"; ifdescriptio...

SUSE-SU-2023:1700-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-28486: Fixed missing control characters escaping in log messages bsc1209362. - CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output bsc1209361...

SUSE-SU-2023:1699-1 Security update for sudo

This update for sudo fixes the following issue: Security fixes: - CVE-2023-28486: Fixed missing control characters escaping in log messages bsc1209362. - CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output bsc1209361. Other fixes: - Fix a situation where 'sudo -U...

SUSE-SU-2023:1698-1 Security update for sudo

This update for sudo fixes the following issue: Security fixes: - CVE-2023-28486: Fixed missing control characters escaping in log messages bsc1209362. - CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output bsc1209361. Other fixes: - Fix a situation where 'sudo -U...

SUSE SLES12 Security Update : sudo (SUSE-SU-2023:1659-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1659-1 advisory. - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape contro...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sudo (SUSE-SU-2023:1665-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1665-1 advisory. - Sudo before 1.9.13p2 has a double free in the per-command chroot feature. CVE-2023-27320 - Sud...

SUSE: Security Advisory (SUSE-SU-2023:1659-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Optergy Proton and Enterprise BMS Command Injection using a backdoor

This module exploits an undocumented backdoor vulnerability in the Optergy Proton and Enterprise Building Management System BMS applications. Versions 2.0.3a and below are vulnerable. Attackers can exploit this issue by directly navigating to an undocumented backdoor script called Console.jsp in...

SUSE-SU-2023:1665-1 Security update for sudo

This update for sudo fixes the following issue: Security issues: - CVE-2023-28486: Fixed sudo does not escape control characters in log messages. bsc1209362 - CVE-2023-28487: Fixed sudo does not escape control characters in sudoreplay output. bsc1209361 - CVE-2023-27320: Fixed a potential securit...

SUSE-SU-2023:1659-1 Security update for sudo

This update for sudo fixes the following issue: Security fixes: - CVE-2023-28486: Fixed missing control characters escaping in log messages bsc1209362. - CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output bsc1209361. Other fixes: - Fix a situation where 'sudo -U...

SUSE SLES12 Security Update : systemd (SUSE-SU-2023:1622-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1622-1 advisory. - systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in whi...