9 matches found
EUVD-2026-18864
util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...
EUVD-2014-3862
Malware in sbrugna...
KDE Partition Manager Command Injection Vulnerability
KDE Partition Manager is disk partitioning software for Linux from the KDE community. The software manages disks, partitions and file systems, can create, delete, copy, back up and restore partitions, and supports a variety of partition formats, including: ext2/3, reiserfs, NTFS, FAT32, etc. A...
powerpc-utils: snap creates archives with fstab and yaboot.conf which may expose certain passwords
A flaw was found in the way the snap utility of powerpc-utils generated an archive containing a configuration snapshot of a service. A local attacker could obtain sensitive information from the generated archive such as plain text passwords...
Design/Logic Flaw
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
CVE-2014-3925
CVE-2014-3925 affects sosreport in Red Hat sos 1.7 and earlier on RHEL 5, where the generated archive may contain an fstab with cleartext passwords and lacks a warning to review for passwords, enabling potential sensitive-information disclosure if an attacker can access the technical-support data...
CVE-2014-3925
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
Scientific Linux Security Update : virt-v2v on SL6.x x86_64
virt-v2v is a tool for converting and importing virtual machines to libvirt-managed KVM (Kernel-based Virtual Machine). Using virt-v2v to convert a guest that has a password-protected VNC console to a KVM guest removed that password protection from the converted guest: after conversion, a password...
Low: Red Hat Security Advisory: virt-v2v security and bug fix update
An updated virt-v2v package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severit...