15 matches found
EUVD-2008-1926
Malware in sbrugna...
SUSE CVE-2008-1926
Argument injection vulnerability in login login-utils/login.c in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."...
CVE-2017-16680
Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1 Certain HTTP/REST endpoints of controller service are missing user input validation which could allow unprivileged attackers to forge audit log lines. Hence the interpretation of audit log files...
util-linux: audit log injection via login
Argument injection vulnerability in login login-utils/login.c in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."...
util-linux: audit log injection via login
Argument injection vulnerability in login login-utils/login.c in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."...
Fedora 8 : util-linux-ng-2.13.1-2.fc8 (2008-3419)
Tue Apr 22 2008 Karel Zak 2.13.1-2 - fix audit log injection attack via login - Wed Jan 16 2008 Karel Zak 2.13.1-1 - upgrade to stable util-linux-ng 2.13.1 - fix 427874 - util-linux-ng gets 'excess command line argument' on update - Thu Jan 3 2008 Karel Zak 2.13-3.2 - fix 427207 -...
CVE-2008-1926
Argument injection vulnerability in login login-utils/login.c in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."...
CVE-2008-1926
Argument injection vulnerability in login login-utils/login.c in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."...
DEBIAN-CVE-2008-1926
Argument injection vulnerability in login login-utils/login.c in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."...
CVE-2008-1926
Argument injection vulnerability in login login-utils/login.c in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."...
CVE-2008-1926
Argument injection vulnerability in login login-utils/login.c in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."...
pam security, bug fix, and enhancement update
0.99.6.2-3.26 - removed realtime default limits 240123 from the package as it caused regression on machines with nonexistent realtime group 0.99.6.2-3.25 - added and improved translations 219124 - adjusted the default limits for realtime users 240123 0.99.6.2-3.23 - pamunix: truncated MD5 passwor...
openssh security and bug fix update
4.3p2-24 - fixed audit log injection problem CVE-2007-3102 248059 4.3p2-23 - document where the nss certificate and token dbs are looked for 4.3p2-22 - experimental support for PKCS11 tokens through libnss3 183423 4.3p2-21 - fix an information leak in Kerberos password authentication CVE-2006-505...
audit logging of failed logins
Unspecified vulnerability in the linuxauditrecordevent function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party informatio...
Fedora Core 6 : openssh-4.3p2-25.fc6 (2007-715)
Tue Oct 2 2007 Tomas Mraz - 4.3p2-25 - do not fall back on trusted X11 cookies CVE-2007-4752 280471 - Fri Jul 13 2007 Tomas Mraz - 4.3p2-24 - fixed audit log injection problem CVE-2007-3102 248059 - Thu Jun 21 2007 Tomas Mraz - 4.3p2-23 - document where the nss certificate and token dbs are...