48 matches found
EUVD-2020-17065
Malware in sbrugna...
EUVD-2020-17064
Malware in sbrugna...
Rocky Linux 8 : trousers (RLSA-2021:1627)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1627 advisory. - An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop th...
SUSE CVE-2020-24331
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file which contains various settings related to this daemon...
SUSE SLES15 Security Update : trousers (SUSE-SU-2022:2798-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2798-1 advisory. - An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fail...
NewStart CGSL MAIN 6.02 : trousers Multiple Vulnerabilities (NS-SA-2022-0066)
The remote NewStart CGSL host, running version MAIN 6.02, has trousers packages installed that are affected by multiple vulnerabilities: - An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root g...
AlmaLinux 8 : trousers (ALSA-2021:1627)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1627 advisory. - An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the...
Huawei EulerOS: Security Advisory for trousers (EulerOS-SA-2021-2171)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2021-1989
Software: trousers 0.3.14 OS: Cobalt 7.9 CVE-ID: CVE-2020-24330 CVE-Crit: HIGH CVE-DESC: A problem was discovered in TrouSerS before 0.3.14. If the tcsd daemon is running with root privileges and not the tss user, it will not be able to reset the root gid privilege when it is no longer needed...
Updated trousers packages fix security vulnerabilities
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed CVE-2020-24330. An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with...
MGASA-2021-0297 Updated trousers packages fix security vulnerabilities
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed CVE-2020-24330. An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with...
Privilege Escalation
trousers is vulnerable to privilege escalation. The vulnerability exists because the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed which allows an attacker to gain privilege and perform unwanted actions...
trousers: tss user can be used to create or corrupt existing files, this could lead to DoS
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack...
trousers: fails to drop the root gid privilege when no longer needed
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed...
trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file which contains various settings related to this daemon...
Huawei EulerOS: Security Advisory for trousers (EulerOS-SA-2021-1628)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.9.1 : trousers (EulerOS-SA-2021-1628)
According to the versions of the trousers package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the...
EulerOS Virtualization 3.0.2.6 : trousers (EulerOS-SA-2021-1425)
According to the version of the trousers package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read...
Huawei EulerOS: Security Advisory for trousers (EulerOS-SA-2021-1522)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : trousers (EulerOS-SA-2021-1563)
According to the versions of the trousers packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation...