GLSA-202407-05 : SSSD: Command Injection

The remote host is affected by the vulnerability described in GLSA-202407-05 SSSD: Command Injection A vulnerability has been discovered in SSSD. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux...

polkit: Heap-corruption on duplicate IDs

Background polkit is a toolkit for managing policies relating to unprivileged processes communicating with privileged processes. Description A vulnerability was discovered in polkit’s polkitbackendactionpoolinit function due to duplicate action IDs in action descriptions. Impact Local attackers a...

Gentoo Security Advisory GLSA 201402-12

Gentoo Linux Local Security Checks GLSA 201402-12 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Gentoo Security Advisory GLSA 200903-39 (pam_krb5)

The remote host is missing updates announced in advisory GLSA 200903-39. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200903-39 (pam_krb5)

The remote host is missing updates announced in advisory GLSA 200903-39. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

pam_krb5: Privilege escalation

Background pamkrb5 is a a Kerberos v5 PAM module. Description The following vulnerabilities were discovered: pamkrb5 does not properly initialize the Kerberos libraries for setuid use CVE-2009-0360. Derek Chan reported that calls to pamsetcred are not properly handled when running setuid...

Gentoo Security Advisory GLSA 200612-19 (pam_ldap)

The remote host is missing updates announced in advisory GLSA 200612-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200606-18 (pam_mysql)

The remote host is missing updates announced in advisory GLSA 200606-18. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

nss_ldap: Information disclosure

Background nssldap is a Name Service Switch module which allows 'passwd', 'group' and 'host' database information to be pulled from LDAP. Description Josh Burley reported that nssldap does not properly handle the LDAP connections due to a race condition that can be triggered by multi-threaded...