Lucene search
K

107 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2021/03/20 12:0 a.m.27 views

Security update for connman (moderate)

openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2021:0452-1 Rating: moderate References: 1181751 Cross-References: CVE-2021-26675 CVE-2021-26676 CVSS scores: CVE-2021-26675 NVD : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-26676 NVD : 6.5...

8.8CVSS8.4AI score0.01301EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/03/17 12:0 a.m.25 views

openSUSE Security Update : connman (openSUSE-2021-416)

This update for connman fixes the following issues : Update to 1.39 boo1181751 : - Fix issue with scanning state synchronization and iwd. - Fix issue with invalid key with 4-way handshake offloading. - Fix issue with DNS proxy length checks to prevent buffer overflow. CVE-2021-26675 - Fix issue...

8.8CVSS7.2AI score0.01301EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/03/16 12:0 a.m.31 views

Security update for connman (moderate)

openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2021:0416-1 Rating: moderate References: 1181751 Cross-References: CVE-2021-26675 CVE-2021-26676 CVSS scores: CVE-2021-26675 NVD : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-26676 NVD : 6.5...

8.8CVSS8.4AI score0.01301EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/11/21 9:55 a.m.5 views

systemd: systemd-resolved allows unprivileged users to configure DNS

An improper authorization flaw was discovered in systemd-resolved in the way it configures the exposed DBus interface org.freedesktop.resolve1. An unprivileged local attacker could call all DBus methods, even when marked as privileged operations. An attacker could abuse this flaw by changing the...

4.4CVSS5.8AI score0.00511EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2019/11/21 9:55 a.m.69 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.1.24 machine-os-content-container security update

Red Hat OpenShift Container Platform release 4.1.24 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...

9CVSS7.2AI score0.63917EPSS
Exploits11References5
RedHat Linux
RedHat Linux
added 2019/11/05 9:15 p.m.3 views

systemd: systemd-resolved allows unprivileged users to configure DNS

An improper authorization flaw was discovered in systemd-resolved in the way it configures the exposed DBus interface org.freedesktop.resolve1. An unprivileged local attacker could call all DBus methods, even when marked as privileged operations. An attacker could abuse this flaw by changing the...

4.4CVSS5.8AI score0.00511EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/10/07 12:0 a.m.39 views

Fedora 31 : systemd (2019-d5bd5f0aa4)

Update to latest release - Emission of Session property-changed notifications from logind is fixed this was breaking the switching of sessions to and from gnome. - Security issue: unprivileged users were allowed to change DNS servers configured in systemd-resolved. Now proper polkit authorization...

4.4CVSS6AI score0.00511EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/09/19 12:0 a.m.28 views

Fedora 29 : systemd (2019-8a7dfdf1f3)

Security issue: unprivileged users were allowed to change DNS servers configured in systemd-resolved CVE-2019-15718 - hwdb entries for keyboards are updated to the latest version 1725717 No need to log out or reboot. Note that Tenable Network Security has extracted the preceding description block...

4.4CVSS6AI score0.00511EPSS
Exploits1References2
Prion
Prion
added 2019/09/04 12:15 p.m.19 views

Design/Logic Flaw

In systemd 240, busopensystemwatchbindwithdescription in shared/bus-util.c as used by systemd-resolved to connect to the system D-Bus instance, calls sdbussettrusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that...

3.6CVSS4.7AI score0.00511EPSS
Exploits1References7Affected Software13
RedhatCVE
RedhatCVE
added 2019/09/04 7:23 a.m.29 views

CVE-2019-15718

An improper authorization flaw was discovered in systemd-resolved in the way it configures the exposed DBus interface org.freedesktop.resolve1. An unprivileged local attacker could call all DBus methods, even when marked as privileged operations. An attacker could abuse this flaw by changing the...

5.3CVSS2.7AI score0.00511EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2019/09/03 6:35 p.m.105 views

USN-4120-1: systemd vulnerability

It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings...

4.4CVSS6AI score0.00511EPSS
Exploits1
OSV
OSV
added 2019/09/03 6:35 p.m.4 views

USN-4120-1 systemd vulnerability

It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings...

4.4CVSS6.5AI score0.00511EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/06/19 12:0 a.m.35 views

RHEL 7 : systemd (RHSA-2019:1502)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1502 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...

5.5CVSS6.5AI score0.02035EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2019/01/30 12:0 a.m.56 views

RHEL 7 : systemd (RHSA-2019:0204)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0204 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides...

7.8CVSS7.2AI score0.02958EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2018/02/28 12:0 a.m.10 views

Fedora 27 : systemd (2018-eea8cb8b0e)

a few memory leaks and uninitialized memory accesses - systemd-networkd Remote= must be a unicast address upstream issue 8088 - add /run/systemd/user to the unit lookup path upstream issue 8119 - various fixes for journalctl leaking file descriptors on very quick file rotation upstream issues...

5.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-3558-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.23633EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.13 views

Fedora 27 : systemd (2017-6263c938c7)

Use infinite timeouts for passwords during boot when JobTimeoutSec=0 - Some tty utf8-mode fixes - Only send one auxillary fd set over dbus - Various network-manager crash and spurious assert fixes - Do not remount network filesystems ro during shutdown and unmount DM devices better - Fix...

5.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/11/20 12:0 a.m.35 views

systemd Network Name Resolution Manager NSEC Resource Record Pseudo-Types Denial of Service Vulnerability

This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of systemd Network Name Resolution Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NSEC resource records in...

7.8CVSS3.1AI score0.23633EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/11/01 12:0 a.m.17 views

Fedora 26 : systemd (2017-6f8fcff58c)

systemd-detect-virt QEMU CPUID logic update - Fix cryptsetup devices disappearing when used for btrfs - Fix rfkill on some thinkpads - Extend dbus timeouts to handle slow dbus daemon startup - Fix systemd-resolved DOS with crafted NSEC packets LP1725351 - Backport /etc/crypttab netdev feature...

5.5AI score
Exploits0References1
CNVD
CNVD
added 2017/10/27 12:0 a.m.4 views

Systemd Denial of Service Vulnerability

systemd is a system and service manager for the Linux operating system. A denial of service vulnerability exists in systemd 223-235. The vulnerability arises because a remote DNS server can respond with a customized DNS NSEC resource record, which triggers an infinite loop in the...

7.5CVSS7.2AI score0.23633EPSS
Exploits0References1
Rows per page
Query Builder