Количество 14
Количество 14
BDU:2023-07470
Уязвимость утилиты dmidecode операционной системы Linux, позволяющая нарушителю повысить свои привилегий
ROS-20250303-03
Уязвимость dmidecode
CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly).
CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly).
CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly).
CVE-2023-30630
CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This ...
SUSE-SU-2023:2215-1
Security update for dmidecode
SUSE-SU-2023:2044-1
Security update for dmidecode
SUSE-SU-2023:1947-1
Security update for dmidecode
RLSA-2023:5061
Moderate: dmidecode security update
GHSA-9r2p-xmm5-5ppg
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.
ELSA-2023-5252
ELSA-2023-5252: dmidecode security update (MODERATE)
ELSA-2023-5061
ELSA-2023-5061: dmidecode security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-07470 Уязвимость утилиты dmidecode операционной системы Linux, позволяющая нарушителю повысить свои привилегий | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
 | ROS-20250303-03 Уязвимость dmidecode | CVSS3: 7.1 | 0% Низкий | 6 месяцев назад |
 | CVE-2023-30630 Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly). | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-30630 Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly). | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-30630 Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly). | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
 | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад | |
| CVE-2023-30630 Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This ... | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
 | SUSE-SU-2023:2215-1 Security update for dmidecode | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:2044-1 Security update for dmidecode | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:1947-1 Security update for dmidecode | 0% Низкий | больше 2 лет назад | |
 | RLSA-2023:5061 Moderate: dmidecode security update | 0% Низкий | почти 2 года назад | |
| GHSA-9r2p-xmm5-5ppg Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. | CVSS3: 7.8 | 0% Низкий | больше 2 лет назад |
| ELSA-2023-5252 ELSA-2023-5252: dmidecode security update (MODERATE) | почти 2 года назад | ||
| ELSA-2023-5061 ELSA-2023-5061: dmidecode security update (MODERATE) | почти 2 года назад |
Уязвимостей на страницу