20 matches found
EulerOS 2.0 SP9 : cups (EulerOS-SA-2024-2384)
According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the...
EulerOS 2.0 SP10 : cups (EulerOS-SA-2024-2409)
According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the...
CVE-2024-35235
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the...
xinetd does not enforce the user and group configuration directives for TCPMUX services which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.
...
SUSE CVE-2007-1743
suexec in Apache HTTP Server httpd 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vend...
SUSE CVE-2014-9043
The userldap aka LDAP user and group backend application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to bypass authentication via a null byte in the password and a valid user name, which triggers an unauthenticated bind...
Mageia: Security Advisory (MGASA-2019-0214)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-18430
CVE-2017-18430 affects cPanel before 66.0.2, where user and group ownership may be incorrectly set when using reassign_post_terminate_cruft (SEC-294). The issue’s CVSS indicates MEDIUM impact (Partial confidentiality, integrity, and availability) with LOCAL access required per CVSSv2, or NETWORK ...
openSUSE Security Update : gvfs (openSUSE-2019-1699)
This update for gvfs fixes the following issues : Security issues fixed : - CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls bsc1137930. - CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of...
Fedora 28 : bird (2018-8f0d2429d3)
Updating bird to 1.6.4 release which includes fix for CVE-2018-12066 Running bird in foreground Bird is running under bird user and group rather than root Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...
Fedora 29 : bird (2018-6aada550ca)
Updating bird to 1.6.4 release which includes fix for CVE-2018-12066 Running bird in foreground Bird is running under bird user and group rather than root Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...
DEBIAN-CVE-2015-8709
kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor...
Qualys Security Advisory - userhelper / libuser
Qualys Security Advisory CVE-2015-3245 userhelper chfn newline filtering CVE-2015-3246 libuser passwd file handling -- Summary ----------------------------------------------------------------- The libuser library implements a standardized interface for manipulating and administering user and grou...
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
Moderate: Red Hat Security Advisory: xinetd security update
An updated xinetd package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
Scientific Linux Security Update : cifs-utils on SL6.x i386/x86_64 (20120620)
The cifs-utils package contains tools for mounting and managing shares on Linux using the SMB/CIFS protocol. The CIFS shares can be used as standard Linux file systems. A file existence disclosure flaw was found in mount.cifs. If the tool was installed with the setuid bit set, a local attacker...
CentOS 6 : cifs-utils (CESA-2012:0902)
An updated cifs-utils package that fixes one security issue, multiple bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score,...
cifs security update
CentOS Errata and Security Advisory CESA-2012:0902 An updated cifs-utils package that fixes one security issue, multiple bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A...
Low: Red Hat Security Advisory: cifs-utils security, bug fix, and enhancement update
An updated cifs-utils package that fixes one security issue, multiple bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score,...
Low: Red Hat Security Advisory: nss_ldap security and bug fix update
An updated nssldap package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The nssldap package contains the nssldap and pamldap modules. The nssldap module is a plug-in which allows...