CVE-2008-1926

2008-04-2405:05:00

CWE-94

[email protected]

web.nvd.nist.gov

cve

2008

1926

argument injection

util-linux-ng

audit log

vulnerability

remote attackers

6.6 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.9%

JSON

Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an “addr=” statement to the login name, aka “audit log injection.”

CPENameOperatorVersion
linux:util-linuxlinux util-linuxeq2.13.0.1
linux:util-linuxlinux util-linuxeq2.13
linux:util-linuxlinux util-linuxeq2.13.1
linux:util-linuxlinux util-linuxeq2.13.1.1
linux:util-linuxlinux util-linuxeq2.14

CPE	Name	Operator	Version
linux:util-linux	linux util-linux	eq	2.13.0.1
linux:util-linux	linux util-linux	eq	2.13
linux:util-linux	linux util-linux	eq	2.13.1
linux:util-linux	linux util-linux	eq	2.13.1.1
linux:util-linux	linux util-linux	eq	2.14

References

git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973

git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782

secunia.com/advisories/29982

secunia.com/advisories/30014

secunia.com/advisories/35161

wiki.rpath.com/Advisories:rPSA-2009-0143

www.mandriva.com/security/advisories?name=MDVSA-2008:114

www.redhat.com/support/errata/RHSA-2009-0981.html

www.securityfocus.com/archive/1/507854/100/0/threaded

www.securityfocus.com/bid/28983

www.securitytracker.com/id?1022256

www.vupen.com/english/advisories/2008/1392/references

exchange.xforce.ibmcloud.com/vulnerabilities/41987