32 matches found
Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in coreutils (util-linux)
Summary A security vulnerability has been discovered in coreutils util-linux, which is used by IBM QRadar Network Security. Vulnerability Details CVEID: CVE-2017-2616 DESCRIPTION: util-linux could allow a local authenticated attacker to bypass security restrictions, caused by a race condition whe...
CVE-2014-9114
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code...
CVE-2015-5218
Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service crash via a crafted file, related to the page global variable...
CVE-2011-1677
mount in util-linux 2.19 and earlier does not remove the /etc/mtab lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors...
Ubuntu Update for util-linux vulnerability USN-533-1
Ubuntu Update for Linux kernel vulnerabilities USN-533-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5331.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for util-linux vulnerability USN-533-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
DTSA-126-1 util-linux - log injection
Bulletin has no description...
CVE-2004-0080
The login program in util-linux 2.11 and earlier uses a pointer after it has been freed and reallocated, which could cause login to leak sensitive data...
Mandrake Linux Security Advisory : util-linux (MDKSA-2002:047)
Michal Zalewski found a vulnerability in the util-linux package with the chfn utility. This utility allows users to modify some information in the /etc/passwd file, and is installed setuid root. Using a carefully crafted attack sequence, an attacker can exploit a complex file locking and...
util-linux login program discloses sensitive information
Overview util-linux login program uses a pointer that was previously freed and reallocated which could allow an attacker to gain access to sensitive information. Description util-linux is shipped with Red Hat and numerous other Linux distributions. It contains a collection of utility programs, su...
Moderate: Red Hat Security Advisory: util-linux security update
The util-linux package shipped with Red Hat Linux Advanced Server contains a locally exploitable vulnerability. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. The 'chfn' utility included in this package allows users...
CVE-2001-1175
vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing...
CVE-2001-1494
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command...