what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2019-13012

Status Candidate

Overview

The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL). Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories, 0777 permissions are used; for files, default file permissions are used. This is similar to CVE-2019-12450.

Related Files

Red Hat Security Advisory 2021-3119-01
Posted Aug 11, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3119-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory addresses a wide array of vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-13012, CVE-2019-14866, CVE-2019-25013, CVE-2019-25032, CVE-2019-25034, CVE-2019-25035, CVE-2019-25036, CVE-2019-25037, CVE-2019-25038, CVE-2019-25039, CVE-2019-25040, CVE-2019-25041, CVE-2019-25042, CVE-2019-2708, CVE-2019-9169, CVE-2020-12362, CVE-2020-12363, CVE-2020-12364, CVE-2020-13434, CVE-2020-13543, CVE-2020-13584, CVE-2020-14344, CVE-2020-14345, CVE-2020-14346
SHA-256 | 8c577ec58c64d9ea6cb3ad4e7638b48764a7aa10e5ac0a3c83fe0be868a0d325
Download | Favorite | View
Red Hat Security Advisory 2021-2479-01
Posted Jun 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2479-01 - Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-13012, CVE-2019-14866, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13543, CVE-2020-13584, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-25659, CVE-2020-25678, CVE-2020-26116, CVE-2020-26137, CVE-2020-27618, CVE-2020-27619, CVE-2020-27783, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-36242, CVE-2020-8231
SHA-256 | 407dd58a4d56a1577f85a63f8d3249362ebd855a9d2e9461bef124d76718dfe1
Download | Favorite | View
Red Hat Security Advisory 2021-2121-01
Posted Jun 1, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2121-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2019-13012, CVE-2019-14866, CVE-2019-18811, CVE-2019-19523, CVE-2019-19528, CVE-2019-25013, CVE-2019-25032, CVE-2019-25034, CVE-2019-25035, CVE-2019-25036, CVE-2019-25037, CVE-2019-25038, CVE-2019-25039, CVE-2019-25040, CVE-2019-25041, CVE-2019-25042, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-0431, CVE-2020-10543, CVE-2020-10878, CVE-2020-11608, CVE-2020-12114, CVE-2020-12362, CVE-2020-12464
SHA-256 | 2f1653e51f042c6274ffefb7f0845f74fde0e3cccec0fb22ff11ef5cc0c26b34
Download | Favorite | View
Red Hat Security Advisory 2021-2136-01
Posted May 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2136-01 - An Openshift Logging bug fix release addresses an index validation issue.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2019-13012, CVE-2019-18811, CVE-2019-19523, CVE-2019-19528, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-0431, CVE-2020-10543, CVE-2020-10878, CVE-2020-11608, CVE-2020-12114, CVE-2020-12362, CVE-2020-12464, CVE-2020-13434, CVE-2020-13543, CVE-2020-13584, CVE-2020-13776, CVE-2020-14314, CVE-2020-14344, CVE-2020-14345, CVE-2020-14346, CVE-2020-14347, CVE-2020-14356, CVE-2020-14360
SHA-256 | 8f9746dfa68f5ebe03798d9f8686052c21773b749d26577fe45138585199782b
Download | Favorite | View
Red Hat Security Advisory 2021-1586-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1586-01 - GNOME is the default desktop environment of Red Hat Enterprise Linux. Issues addressed include code execution, insecure permissions, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-13012, CVE-2020-13543, CVE-2020-13584, CVE-2020-9948, CVE-2020-9951, CVE-2020-9983
SHA-256 | 83850ab16175a11b58bb98d158fec9786cbf3c1014ed6eabb5bf6fd703ec9fd0
Download | Favorite | View
Ubuntu Security Notice USN-4049-2
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4049-2 - USN-4049-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13012
SHA-256 | 7bb8afdb97bdf4f0761af9b6cc42925be984c923a95c9f2707e0b01889cb1d75
Download | Favorite | View
Ubuntu Security Notice USN-4049-1
Posted Jul 8, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4049-1 - It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this issue to access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13012
SHA-256 | f0c857a88de44107aba3d0092d1157ab8adf60d6d5476e9aa578cd12871ee05b
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close