1175 matches found
Updated util-linux packages fix security vulnerability
A buffer overflow in the colcrt command in util-linux can lead to a crash when given a large input CVE-2015-5218...
openSUSE Security Update : util-linux (openSUSE-2015-702)
util-linux was updated to fix one security issue. This security issue was fixed : - CVE-2015-5218: Prevent colcrt buffer overflow bsc949754. This non-security issue was fixed : - bsc903440: Calendar 'cal' crash with segmentation fault when execute in background. %NASLMINLEVEL 70300 C Tenable...
Mageia: Security Advisory (MGASA-2015-0352)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2011-1691)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2013-0517)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2012-0307)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201405-15
Gentoo Linux Local Security Checks GLSA 201405-15 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
MGASA-2015-0352 Updated util-linux packages fix CVE-2015-5224
Updated util-linux packages fix security vulnerability: The chfn and chsh commands in util-linux's login-utils are vulnerable to a file name collision due to incorrect mkstemp usage. If the chfn and chsh binaries are both setuid-root they eventually call mkostemp in such a way that an attacker...
Updated util-linux packages fix CVE-2015-5224
Updated util-linux packages fix security vulnerability: The chfn and chsh commands in util-linux's login-utils are vulnerable to a file name collision due to incorrect mkstemp usage. If the chfn and chsh binaries are both setuid-root they eventually call mkostemp in such a way that an attacker...
PT-2017-6832
Name of the Vulnerable Software and Affected Versions util-linux affected versions not specified Description The issue is related to the mkostemp function in login-utils, which can be exploited by remote attackers to cause file name collision and potentially other attacks when used incorrectly...
Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser
Hello, it is July 23, 2015, 17:00 UTC, the Coordinated Release Date for CVE-2015-3245 and CVE-2015-3246. Please find our advisory below, and our exploit attached. Qualys Security Advisory CVE-2015-3245 userhelper chfn newline filtering CVE-2015-3246 libuser passwd file handling -- Summary...
The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the util-linux-2.12a package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited locally...
The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the util-linux-2.11y package on the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited locally...
util-linux Package 'hwclock(8)' local elevation of privilege vulnerability
The util-linux package is a suite of system administration tools for Linux that provides tools to load, unload, format, partition and manage hard drives, open tty ports and get kernel messages. The util-linux package is vulnerable to a local boost vulnerability. A local attacker could exploit thi...
hwclock Privilege Escalation
Hello, During a recent assessment I have stumbled across a system which had hwclock8 setuid root hwclock is a part of util-linux, all versions affected $ man hwclock | sed -n '223,231p' Users access and setuid Sometimes, you need to install hwclock setuid root. If you want users other than the...
SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2015:0270-1)
util-linux was updated to fix one security issue. This security issue was fixed : - CVE-2014-9114: Using crafted block devices e.g. USB sticks it was possibly to inject code via libblkid. libblkid was fixed to care about unsafe chars and possible buffer overflow in cache bnc907434 The update...
The vulnerability of the Red Hat Linux operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the util-linux-2.10f package of the Red Hat Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited locally...
Vulnerabilities of the Red Hat Linux operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the util-linux-2.11f package of the Red Hat Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...
The vulnerability of the Gentoo Linux operating system allows a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the util-linux package up to version 2.12r-r8 of the Gentoo Linux operating system can lead to violations of privacy, integrity, and accessibility of protected information. This vulnerability can be exploited locally...
Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the util-linux package of the Debian GNU/Linux operating system can be exploited, which may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious actors...