GLSA-201808-03 : NetworkManager VPNC plugin: Privilege escalation

The remote host is affected by the vulnerability described in GLSA-201808-03 NetworkManager VPNC plugin: Privilege escalation When initiating a VPNC connection, NetworkManager spawns a new vpnc process and passes the configuration via STDIN. By injecting a special character into a configuration...

NetworkManager VPNC plugin: Privilege escalation

Background NetworkManager is an universal network configuration daemon for laptops, desktops, servers and virtualization hosts. The VPNC plugin provides easy access Cisco Concentrator based VPN’s utilizing NetworkManager. Description When initiating a VPNC connection, NetworkManager spawns a new...

CVE-2018-10900

Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...

CVE-2018-10900

Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...

EUVD-2018-2957

Network Manager VPNC plugin aka networkmanager-vpnc before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root...