exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2022-24302

Status Candidate

Overview

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.

Related Files

Red Hat Security Advisory 2022-7399-01
Posted Jan 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7399-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.0. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-22570, CVE-2021-38561, CVE-2021-4235, CVE-2022-1705, CVE-2022-21698, CVE-2022-24302, CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-30631, CVE-2022-3162, CVE-2022-3172, CVE-2022-32148
SHA-256 | e13aef52399a1f4fa930dd8b8bf1a89fd110f6137aebfab4ca96512890bd402c
Red Hat Security Advisory 2022-8893-01
Posted Dec 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8893-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.20.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22570, CVE-2022-1158, CVE-2022-24302, CVE-2022-2639, CVE-2022-27191, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-42898
SHA-256 | c38ee4b6306b101938abc04733fc4231063e50a1e2f0c70c966e429666acd243
Red Hat Security Advisory 2022-8863-01
Posted Dec 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8863-01 - Paramiko is a module for python 2.3 or greater that implements the SSH2 protocol for secure connections to remote machines. Unlike SSL, the SSH2 protocol does not require heirarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.

tags | advisory, remote, arbitrary, shell, protocol, python
systems | linux, redhat
advisories | CVE-2022-24302
SHA-256 | 59534817e9e5c4ed208e21817cc8d384718759ee9feaec332ee49ea7ba65f1b5
Red Hat Security Advisory 2022-8845-01
Posted Dec 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8845-01 - Paramiko is a module for python 2.3 or greater that implements the SSH2 protocol for secure connections to remote machines. Unlike SSL, the SSH2 protocol does not require heirarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.

tags | advisory, remote, arbitrary, shell, protocol, python
systems | linux, redhat
advisories | CVE-2022-24302
SHA-256 | a6a2060126d1be99be2aca8297f1257ee4619fcacb1e48e24b430da0c6b1eb8c
Red Hat Security Advisory 2022-4712-01
Posted May 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4712-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The ovirt-ansible-hosted-engine-setup package provides an Ansible role for deploying Red Hat Virtualization Hosted-Engine.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-24302
SHA-256 | cabc33a3a6998a71cdc680bf5440af1d7a130320d58e5bd49a4e906b855a4f4a
Ubuntu Security Notice USN-5351-2
Posted Mar 30, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5351-2 - USN-5351-1 fixed a vulnerability in Paramiko. This update provides the corresponding update for Ubuntu 16.04 ESM. Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-24302
SHA-256 | 5ab34dbf043c68f221010b005e23a075b6b2f624176ef12aa62f28ed3b73a8d1
Ubuntu Security Notice USN-5351-1
Posted Mar 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5351-1 - Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-24302
SHA-256 | 5ebff46b7927019366c4c26262bfda5d50351737a0a1eb80ff2a875a4907b62d
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    19 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close