Download
| Alert*
|
oval:org.secpod.oval:def:1801278
CVE-2018-19044: kkeepalived before version 2.0.9 didn"t check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/k ... oval:org.secpod.oval:def:115628 Keepalived provides simple and robust facilities for load balancing and high availability to Linux system and Linux based infrastructures. The load balancing framework relies on well-known and widely used Linux Virtual Server kernel module providing Layer4 load balancing. Keepalived implements a se ... oval:org.secpod.oval:def:1900121 keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information. oval:org.secpod.oval:def:2001485 keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information. |
