15 matches found
SUSE CVE-2008-5394
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...
CVE-2008-5394
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...
Mandrake Security Advisory MDVSA-2009:062 (shadow-utils)
The remote host is missing an update to shadow-utils announced via advisory MDVSA-2009:062. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandrake Security Advisory MDVSA-2009:062 (shadow-utils)
The remote host is missing an update to shadow-utils announced via advisory MDVSA-2009:062. OpenVAS Vulnerability Test $Id: mdksa2009062.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:062 shadow-utils Authors: Thomas Reinke Copyright: Copyright c 20...
Debian 'login' 本地权限升级漏洞
Debian is prone to a local privilege-escalation vulnerability because of an error in the 'login' program. Local attackers in the UTMP group could exploit this issue to take ownership of arbitrary files on the vulnerable system. This may lead to a complete compromise of the system. Debian Linux 3....
CVE-2008-5394
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...
CVE-2008-5394
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...
Design/Logic Flaw
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...
CVE-2008-5394
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...
CVE-2008-5394
CVE-2008-5394 concerns the shadow package’s /bin/login on Debian (and likely other distros) where local users in the utmp group could exploit a symlink vulnerability to overwrite arbitrary files via a temporary file referenced in a utmp entry’s ut_line field. The described condition affects shado...
CVE-2008-5394
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line aka utline field in a utmp entry...
Linux /bin/login privilege escalation
It's possible to escalate privileges from utmp group to root...
GLSA-200803-05 : SplitVT: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-200803-05 SplitVT: Privilege escalation Mike Ashton reported that SplitVT does not drop group privileges before executing the xprop utility. Impact : A local attacker could exploit this vulnerability to gain the 'utmp' group...
Debian Security Advisory DSA 112-1 (hanterm)
The remote host is missing an update to hanterm announced via advisory DSA 112-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
xitalk privilege escalation
It's possible to obtain utmp group privileges...