EUVD-2020-7690

Malware in sbrugna...

CVE-2017-0358 ntfs-3g: Modprobe influence vulnerability via environment variables

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation...

CVE-2010-4170

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

CVE-2000-1095

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters...

CVE-2000-1095

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters...

SuSE Security Announcement: modules

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: modules Announcement-ID: SuSE-SA:2000:44 Date: Monday, November 13th, 2000 10:00 MEST Affected SuSE versions: 6.4, 7.0 Vulnerability Type: local root compromise Severity 1-10: 8 SuSE default package: yes Other affected systems...

Linux modutils 2.3.9 - 'modprobe' Arbitrary Command Execution

source: https://www.securityfocus.com/bid/1936/info Modutils is a component of many linux systems that includes tools for using loadable kernel modules. One of these tools, modprobe, loads a set of modules that correspond to a provided "name" passed at the command line automatically. Modprobe...