Lucene search
K

1184 matches found

Packet Storm
Packet Storm
added 2024/03/28 12:0 a.m.503 views

util-linux wall Escape Sequence Injection

Wall-Escape CVE-2024-28085 Skyler Ferrante: Escape sequence injection in util-linux wall ================================================================= Summary ================================================================= The util-linux wall command does not filter escape sequences from...

7.4AI score0.02242EPSS
Exploits3
OpenVAS
OpenVAS
added 2024/03/28 12:0 a.m.11 views

Ubuntu: Security Advisory (USN-6719-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS5.6AI score0.02242EPSS
Exploits3References2
OSV
OSV
added 2024/03/27 7:15 p.m.6 views

AZL-37146 CVE-2024-28085 affecting package util-linux for versions less than 2.37.4-9

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...

3.3CVSS7.1AI score0.02242EPSS
Exploits3References1
OSV
OSV
added 2024/03/27 7:15 p.m.27 views

CVE-2024-28085

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...

3.3CVSS6.6AI score0.02242EPSS
Exploits3References16
OSV
OSV
added 2024/03/27 7:15 p.m.3 views

ALPINE-CVE-2024-28085

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...

3.3CVSS6.9AI score0.02242EPSS
Exploits3References1
OSV
OSV
added 2024/03/27 7:15 p.m.1 views

DEBIAN-CVE-2024-28085

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...

3.3CVSS6.5AI score0.02242EPSS
Exploits3References1
OSV
OSV
added 2024/03/27 7:15 p.m.5 views

AZL-37134 CVE-2024-28085 affecting package util-linux for versions less than 2.39.2-2

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...

3.3CVSS7.1AI score0.02242EPSS
Exploits3References1
Ubuntu
Ubuntu
added 2024/03/27 3:23 p.m.388 views

USN-6719-1: util-linux vulnerability

Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information...

3.3CVSS6.8AI score0.02242EPSS
Exploits3
OSV
OSV
added 2024/03/27 3:23 p.m.3 views

USN-6719-1 util-linux vulnerability

Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information...

3.3CVSS6.7AI score0.02242EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2024/03/27 12:0 a.m.16 views

CVE-2024-28085

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...

6.7AI score0.02242EPSS
Exploits3References15
CVE
CVE
added 2024/03/27 12:0 a.m.3559 views

CVE-2024-28085

The CVE-2024-28085 issue is in util-linux, where wall (and related utilities) installed with setgid tty permission fails to filter escape sequences from command-line arguments. Escape sequences from argv can be sent to other users’ terminals, potentially enabling local information disclosure or a...

3.3CVSS6.2AI score0.02242EPSS
Exploits3References18Affected Software1
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.3 views

util-linux 安全漏洞

util-linux is an open source software package. A security vulnerability exists in util-linux version 2.40 and earlier, which stems from the fact that wall is typically installed with the setgid tty permission, which allows escape sequences to be sent to other users' terminals via argv, which coul...

3.3CVSS6.4AI score0.02242EPSS
Exploits3References19
Cvelist
Cvelist
added 2024/03/27 12:0 a.m.26 views

CVE-2024-28085

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...

6.5AI score0.02242EPSS
Exploits3References15
UbuntuCve
UbuntuCve
added 2024/03/27 12:0 a.m.371 views

CVE-2024-28085

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...

3.3CVSS6.9AI score0.02242EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2024/03/27 12:0 a.m.59 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : util-linux vulnerability (USN-6719-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6719-1 advisory. Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker coul...

3.3CVSS6.8AI score0.02242EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.3 views

PT-2024-2532 · Unknown +6 · Util-Linux +6

Name of the Vulnerable Software and Affected Versions: util-linux versions prior to 2.40 Description: The wall command in util-linux versions through 2.40 does not properly filter escape sequences received from command line arguments. This allows a local attacker to potentially inject escape...

6.2CVSS5.2AI score0.02242EPSS
Exploits4References140
OSV
OSV
added 2024/03/27 12:0 a.m.1 views

UBUNTU-CVE-2024-28085

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...

3.3CVSS6.6AI score0.02242EPSS
Exploits3References6
Debian CVE
Debian CVE
added 2024/03/27 12:0 a.m.69 views

CVE-2024-28085

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked. There may be plausible...

3.3CVSS5.9AI score0.02242EPSS
Exploits3
GithubExploit
GithubExploit
added 2024/03/11 12:15 a.m.551 views

Exploit for Improper Neutralization of Escape, Meta, or Control Sequences in Kernel Util-Linux

Wall-Escape CVE-2024-28085 The util-linux wall command does...

3.3CVSS4.9AI score0.02242EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.19 views

CentOS 9 : util-linux-2.37.4-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the util-linux-2.37.4-3.el9 build changelog. - A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE...

5.5CVSS6.4AI score0.00634EPSS
Exploits4References4
Rows per page
Query Builder