13 matches found
Azure Linux 3.0 Security Update: util-linux (CVE-2024-28085)
The version of util-linux installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28085 advisory. - wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to...
EulerOS 2.0 SP11 : util-linux (EulerOS-SA-2024-1827)
According to the versions of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals...
CBL Mariner 2.0 Security Update: util-linux (CVE-2024-28085)
The version of util-linux installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28085 advisory. - wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to...
Escape Sequence Injection
util-linux is vulnerable to Escape Sequence Injection. The vulnerability is due to escape sequences being allowed to be sent to other users' terminals through argv, especially when util-linux is often installed with setgid tty permissions, potentially leading to account takeover scenarios...
MGASA-2024-0112 Updated util-linux packages fix security vulnerability
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
SUSE CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
OESA-2024-1352 util-linux security update
The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically,...
wall in util-linux through 2.40 often installed with setgid tty permissions allows escape sequences to be sent to other users' terminals through argv. (Specifically escape sequences received from stdin are blocked but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.
...
DEBIAN-CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
ALPINE-CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
UBUNTU-CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
Solaris 2.x /usr/sbin/wall Advisory
Affected Operating Systems: Solaris 2.x-9 Possibly others derived from AT&T source code. Affected Program: /usr/sbin/wall Synopsis: Wall is a setgid tty program that broadcasts a message to every user currently logged into the system. It can also receive messages from remote hosts, via RPC...