EUVD-2026-9000

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

PT-2026-22300

Name of the Vulnerable Software and Affected Versions GNU inetutils versions through 2.7 Description A privilege escalation issue exists in telnetd within GNU inetutils. The issue stems from improper handling of the CREDENTIALS DIRECTORY environment variable, introduced with systemd service...

DEBIAN-CVE-2006-7108

login in util-linux-2.12a skips pamacctmgmt and chauthtok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pamacctmgmt and chauthtok...

GLSA-200404-06 : Util-linux login may leak sensitive data

The remote host is affected by the vulnerability described in GLSA-200404-06 Util-linux login may leak sensitive data In some situations the login program could leak sensitive data due to an incorrect usage of a reallocated pointer. NOTE: Only users who have PAM support disabled on their systems...