Количество 12
Количество 12
BDU:2021-00101
Уязвимость функции nsm_drop_privileges (support/nsm/file.c пакета NFS утилит nfs-utils), связанная с неправельным присвоением стандартных разрешений, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность
CVE-2019-3689
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system.
CVE-2019-3689
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system.
CVE-2019-3689
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system.
CVE-2019-3689
The nfs-utils package in SUSE Linux Enterprise Server 12 before and in ...
openSUSE-SU-2019:2435-1
Security update for nfs-utils
openSUSE-SU-2019:2408-1
Security update for nfs-utils
SUSE-SU-2019:2782-1
Security update for nfs-utils
SUSE-SU-2019:2781-1
Security update for nfs-utils
SUSE-SU-2019:2776-1
Security update for nfs-utils
SUSE-SU-2019:2771-1
Security update for nfs-utils
GHSA-qh2q-m44h-cfm8
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system if fs.protected_symlinks is not set
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2021-00101 Уязвимость функции nsm_drop_privileges (support/nsm/file.c пакета NFS утилит nfs-utils), связанная с неправельным присвоением стандартных разрешений, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
 | CVE-2019-3689 The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system. | CVSS3: 5.1 | 0% Низкий | больше 6 лет назад |
 | CVE-2019-3689 The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system. | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
 | CVE-2019-3689 The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system. | CVSS3: 5.1 | 0% Низкий | больше 6 лет назад |
| CVE-2019-3689 The nfs-utils package in SUSE Linux Enterprise Server 12 before and in ... | CVSS3: 5.1 | 0% Низкий | больше 6 лет назад |
 | openSUSE-SU-2019:2435-1 Security update for nfs-utils | 0% Низкий | больше 6 лет назад | |
| openSUSE-SU-2019:2408-1 Security update for nfs-utils | 0% Низкий | больше 6 лет назад | |
| SUSE-SU-2019:2782-1 Security update for nfs-utils | 0% Низкий | больше 6 лет назад | |
| SUSE-SU-2019:2781-1 Security update for nfs-utils | 0% Низкий | больше 6 лет назад | |
| SUSE-SU-2019:2776-1 Security update for nfs-utils | 0% Низкий | больше 6 лет назад | |
| SUSE-SU-2019:2771-1 Security update for nfs-utils | 0% Низкий | больше 6 лет назад | |
| GHSA-qh2q-m44h-cfm8 The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system if fs.protected_symlinks is not set | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу