exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2022-24302

Status Candidate

Overview

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.

Related Files

Red Hat Security Advisory 2022-7399-01
Posted Jan 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7399-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.0. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-22570, CVE-2021-38561, CVE-2021-4235, CVE-2022-1705, CVE-2022-21698, CVE-2022-24302, CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-30631, CVE-2022-3162, CVE-2022-3172, CVE-2022-32148
SHA-256 | e13aef52399a1f4fa930dd8b8bf1a89fd110f6137aebfab4ca96512890bd402c
Red Hat Security Advisory 2022-8893-01
Posted Dec 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8893-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.20.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22570, CVE-2022-1158, CVE-2022-24302, CVE-2022-2639, CVE-2022-27191, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-42898
SHA-256 | c38ee4b6306b101938abc04733fc4231063e50a1e2f0c70c966e429666acd243
Red Hat Security Advisory 2022-8863-01
Posted Dec 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8863-01 - Paramiko is a module for python 2.3 or greater that implements the SSH2 protocol for secure connections to remote machines. Unlike SSL, the SSH2 protocol does not require heirarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.

tags | advisory, remote, arbitrary, shell, protocol, python
systems | linux, redhat
advisories | CVE-2022-24302
SHA-256 | 59534817e9e5c4ed208e21817cc8d384718759ee9feaec332ee49ea7ba65f1b5
Red Hat Security Advisory 2022-8845-01
Posted Dec 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8845-01 - Paramiko is a module for python 2.3 or greater that implements the SSH2 protocol for secure connections to remote machines. Unlike SSL, the SSH2 protocol does not require heirarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.

tags | advisory, remote, arbitrary, shell, protocol, python
systems | linux, redhat
advisories | CVE-2022-24302
SHA-256 | a6a2060126d1be99be2aca8297f1257ee4619fcacb1e48e24b430da0c6b1eb8c
Red Hat Security Advisory 2022-4712-01
Posted May 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4712-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The ovirt-ansible-hosted-engine-setup package provides an Ansible role for deploying Red Hat Virtualization Hosted-Engine.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-24302
SHA-256 | cabc33a3a6998a71cdc680bf5440af1d7a130320d58e5bd49a4e906b855a4f4a
Ubuntu Security Notice USN-5351-2
Posted Mar 30, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5351-2 - USN-5351-1 fixed a vulnerability in Paramiko. This update provides the corresponding update for Ubuntu 16.04 ESM. Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-24302
SHA-256 | 5ab34dbf043c68f221010b005e23a075b6b2f624176ef12aa62f28ed3b73a8d1
Ubuntu Security Notice USN-5351-1
Posted Mar 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5351-1 - Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-24302
SHA-256 | 5ebff46b7927019366c4c26262bfda5d50351737a0a1eb80ff2a875a4907b62d
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close