exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2022-24302

Status Candidate

Overview

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.

Related Files

Red Hat Security Advisory 2022-7399-01
Posted Jan 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7399-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.0. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-22570, CVE-2021-38561, CVE-2021-4235, CVE-2022-1705, CVE-2022-21698, CVE-2022-24302, CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-30631, CVE-2022-3162, CVE-2022-3172, CVE-2022-32148
SHA-256 | e13aef52399a1f4fa930dd8b8bf1a89fd110f6137aebfab4ca96512890bd402c
Red Hat Security Advisory 2022-8893-01
Posted Dec 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8893-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.20.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22570, CVE-2022-1158, CVE-2022-24302, CVE-2022-2639, CVE-2022-27191, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-42898
SHA-256 | c38ee4b6306b101938abc04733fc4231063e50a1e2f0c70c966e429666acd243
Red Hat Security Advisory 2022-8863-01
Posted Dec 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8863-01 - Paramiko is a module for python 2.3 or greater that implements the SSH2 protocol for secure connections to remote machines. Unlike SSL, the SSH2 protocol does not require heirarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.

tags | advisory, remote, arbitrary, shell, protocol, python
systems | linux, redhat
advisories | CVE-2022-24302
SHA-256 | 59534817e9e5c4ed208e21817cc8d384718759ee9feaec332ee49ea7ba65f1b5
Red Hat Security Advisory 2022-8845-01
Posted Dec 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8845-01 - Paramiko is a module for python 2.3 or greater that implements the SSH2 protocol for secure connections to remote machines. Unlike SSL, the SSH2 protocol does not require heirarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.

tags | advisory, remote, arbitrary, shell, protocol, python
systems | linux, redhat
advisories | CVE-2022-24302
SHA-256 | a6a2060126d1be99be2aca8297f1257ee4619fcacb1e48e24b430da0c6b1eb8c
Red Hat Security Advisory 2022-4712-01
Posted May 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4712-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The ovirt-ansible-hosted-engine-setup package provides an Ansible role for deploying Red Hat Virtualization Hosted-Engine.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-24302
SHA-256 | cabc33a3a6998a71cdc680bf5440af1d7a130320d58e5bd49a4e906b855a4f4a
Ubuntu Security Notice USN-5351-2
Posted Mar 30, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5351-2 - USN-5351-1 fixed a vulnerability in Paramiko. This update provides the corresponding update for Ubuntu 16.04 ESM. Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-24302
SHA-256 | 5ab34dbf043c68f221010b005e23a075b6b2f624176ef12aa62f28ed3b73a8d1
Ubuntu Security Notice USN-5351-1
Posted Mar 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5351-1 - Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-24302
SHA-256 | 5ebff46b7927019366c4c26262bfda5d50351737a0a1eb80ff2a875a4907b62d
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close