1184 matches found
util-linux wall Escape Sequence Injection
Wall-Escape CVE-2024-28085 Skyler Ferrante: Escape sequence injection in util-linux wall ================================================================= Summary ================================================================= The util-linux wall command does not filter escape sequences from...
Ubuntu: Security Advisory (USN-6719-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AZL-37146 CVE-2024-28085 affecting package util-linux for versions less than 2.37.4-9
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
ALPINE-CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
DEBIAN-CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
AZL-37134 CVE-2024-28085 affecting package util-linux for versions less than 2.39.2-2
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
USN-6719-1: util-linux vulnerability
Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information...
USN-6719-1 util-linux vulnerability
Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information...
CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
CVE-2024-28085
The CVE-2024-28085 issue is in util-linux, where wall (and related utilities) installed with setgid tty permission fails to filter escape sequences from command-line arguments. Escape sequences from argv can be sent to other users’ terminals, potentially enabling local information disclosure or a...
util-linux 安全漏洞
util-linux is an open source software package. A security vulnerability exists in util-linux version 2.40 and earlier, which stems from the fact that wall is typically installed with the setgid tty permission, which allows escape sequences to be sent to other users' terminals via argv, which coul...
CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : util-linux vulnerability (USN-6719-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6719-1 advisory. Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker coul...
PT-2024-2532 · Unknown +6 · Util-Linux +6
Name of the Vulnerable Software and Affected Versions: util-linux versions prior to 2.40 Description: The wall command in util-linux versions through 2.40 does not properly filter escape sequences received from command line arguments. This allows a local attacker to potentially inject escape...
UBUNTU-CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
CVE-2024-28085
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...
Exploit for Improper Neutralization of Escape, Meta, or Control Sequences in Kernel Util-Linux
Wall-Escape CVE-2024-28085 The util-linux wall command does...
CentOS 9 : util-linux-2.37.4-3.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the util-linux-2.37.4-3.el9 build changelog. - A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE...