Azure Linux 3.0 Security Update: util-linux (CVE-2024-28085)

The version of util-linux installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28085 advisory. - wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to...

Security update for screen

This update for screen fixes the following issues: CVE-2025-46802: Fixed temporary chown of users' TTY to mode 0666 allowing PTY hijacking bsc1242269 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

EulerOS 2.0 SP11 : util-linux (EulerOS-SA-2024-1827)

According to the versions of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals...

SUSE CVE-2013-2207

ptchown in GNU C Library aka glibc or libc6 before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system...

OpenSSH sshd Denial of Service Vulnerability

OpenSSH OpenBSD Secure Shell is a set of connection tools for secure access to remote computers maintained by the OpenBSD Project Group. The tools are an open source implementation of the SSH protocol and support encryption of all transmissions, effectively blocking eavesdropping, connection...

CVE-2015-6565

sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service terminal disruption or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence...

Code injection

sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service terminal disruption or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence...

CVE-2015-6565

sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service terminal disruption or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence...

DEBIAN-CVE-2013-2207

ptchown in GNU C Library aka glibc or libc6 before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system...

UBUNTU-CVE-2013-2207

ptchown in GNU C Library aka glibc or libc6 before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system...

Ubuntu Update for shadow vulnerability USN-695-1

Ubuntu Update for Linux kernel vulnerabilities USN-695-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6951.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for shadow vulnerability USN-695-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Shadow: Privilege escalation

Background Shadow is a set of tools to deal with user accounts. Description Paul Szabo reported a race condition in the "login" executable when setting up tty permissions. Impact A local attacker belonging to the "utmp" group could use symlink attacks to overwrite arbitrary files and possibly gai...

Debian: Security Advisory (DSA-1709-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DSA-1709-1 shadow - privilege escalation

Bulletin has no description...

USN-695-1: shadow vulnerability

Paul Szabo discovered a race condition in login. While setting up tty permissions, login did not correctly handle symlinks. If a local attacker were able to gain control of the system utmp file, they could cause login to change the ownership and permissions on arbitrary files, leading to a root...