Linux Kernel /dev/ptmx Key Stroke Timing Local Disclosure

No description provided by source. !/bin/bash ptmx-su-pwdlen.sh -- This PoC determine the password length of a local user who runs su -. Done thanks to the ptmx keystroke timing attack CVE-2013-0160. See http://vladz.devzero.fr/013ptmx-timing.php for more information. Tested on Debian 6.0.5 kerne...

Ubuntu: Security Advisory (USN-1916-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1916-1: Linux kernel (Raring HWE) vulnerability

An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 7991 / 7992 / 7994)

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to 3.0.82 and to fix various bugs and security issues. The following security issues have been fixed : - The chaseport function in drivers/usb/serial/ioti.c in the Linux kernel allowed local users to cause a denial of service NUL...

SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7667 / 7669 / 7675)

The SUSE Linux Enterprise 11 SP2 kernel has been updated to 3.0.74 fix various security issues and bugs : This update brings some features : - Updated HD-audio drivers for Nvidia/AMD HDMI and Haswell audio FATE314311 FATE313695 - Lustre enablement patches were added FATE314679. - SGI UV Ultraviol...

SuSE Update for kernel openSUSE-SU-2013:0395-1 (kernel)

Check for the Version of kernel OpenVAS Vulnerability Test $Id: gbsuse201303951.nasl 8526 2018-01-25 06:57:37Z teissa $ SuSE Update for kernel openSUSE-SU-2013:0395-1 kernel Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program ...

CVE-2013-0160

The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device...

Information disclosure

The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device...

CVE-2013-0160

The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device...

CVE-2013-0160

CVE-2013-0160 affects the Linux kernel up to version 3.7.9. It enables local attackers to obtain sensitive keystroke timing information by abusing the inotify API on the /dev/ptmx device. The impact is described as partial confidentiality loss; no guidance on exploit details or mitigation is prov...

CVE-2013-0160

The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device...

Linux Kernel '/dev/ptmx'文件本地信息泄露漏洞

Bugtraq ID:57176 CVE ID:CVE-2013-0160 Linux是一款开源的操作系统 "/dev/ptmx"是一款字符设备，用于创建伪终端master设备和slave设备，在击键时可通过PTM输送数据。"/dev/ptmx"存在一个安全漏洞，非特权本地用户漏洞通过判断击键间的延迟，来猜测输入密码的长度 0 Linux kernel 3.x Linux kernel 2.6.x 厂商解决方案 目前没有详细解决方案提供： http://www.linux.org/ http://vladz.devzero.fr/013ptmx-timing.php...