Lucene search
RootSSV:3244HistoryApr 30, 2008 - 12:00 a.m.
util-linux-ng登录远程日志注入漏洞
2008-04-3000:00:00
Root
www.seebug.org
9
0.012 Low
EPSS
Percentile
83.8%
BUGTRAQ ID: 28983
CVE(CAN) ID: CVE-2008-1926
util-linux-ng是增强版本的Util-linux软件包,包含有多种linux工具和应用。
util-linux-ng软件包的login.c在记录登录尝试时存在参数注入漏洞,远程攻击者可以在登录名称中添加addr=语句在审计日志中修改部分日志事件,从而隐藏其登录尝试等行为。
Karel Zak util-linux-ng < 2.13.1.1
Karel Zak
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng/v2.13” target=“_blank”>ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng/v2.13</a>
Related
nessus
nessus
Mandriva Linux Security Advisory : util-linux-ng (MDVSA-2008:114)
2009-04-23 00:00:00
CentOS 4 : util-linux (CESA-2009:0981)
2013-06-29 00:00:00
Fedora 8 : util-linux-ng-2.13.1-2.fc8 (2008-3419)
2008-05-01 00:00:00
veracode
veracode
Log Injection
2020-04-10 00:33:10
openvas
openvas
RedHat Security Advisory RHSA-2009:0981
2009-05-20 00:00:00
Fedora Update for util-linux-ng FEDORA-2008-3419
2009-02-17 00:00:00
Mandriva Update for util-linux-ng MDVSA-2008:114 (util-linux-ng)
2009-04-09 00:00:00
cve
cve
CVE-2008-1926
2008-04-24 05:05:00
prion
prion
Design/Logic Flaw
2008-04-24 05:05:00
fedora
fedora
[SECURITY] Fedora 8 Update: util-linux-ng-2.13.1-2.fc8
2008-04-29 21:01:18
centos
centos
util security update
2009-05-21 14:46:18
redhat
redhat
(RHSA-2009:0981) Low: util-linux security and bug fix update
2009-05-18 00:00:00
oraclelinux
oraclelinux
util-linux security and bug fix update
2009-05-26 00:00:00
debiancve
debiancve
CVE-2008-1926
2008-04-24 05:05:00
ubuntucve
ubuntucve
CVE-2008-1926
2008-04-24 00:00:00