login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok.
Max CVSS
4.1
EPSS Score
0.07%
Published
2007-03-04
Updated
2017-10-11
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags.
Max CVSS
7.2
EPSS Score
0.09%
Published
2005-09-13
Updated
2018-10-19
The login program in util-linux 2.11 and earlier uses a pointer after it has been freed and reallocated, which could cause login to leak sensitive data.
Max CVSS
5.0
EPSS Score
1.44%
Published
2004-03-03
Updated
2017-10-10
man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges.
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-08-27
Updated
2017-07-11
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3) a long .so argument to test_for_include in ult_src.c, (4) a long MANPATH environment variable, or (5) a long PATH environment variable.
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-08-27
Updated
2016-10-18
man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man.
Max CVSS
4.6
EPSS Score
0.21%
Published
2003-03-18
Updated
2017-10-10
A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of attacks to succeed.
Max CVSS
5.0
EPSS Score
0.31%
Published
2003-03-03
Updated
2017-10-10
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
Max CVSS
5.5
EPSS Score
0.04%
Published
2001-12-31
Updated
2024-01-26
vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing.
Max CVSS
7.2
EPSS Score
0.04%
Published
2002-04-01
Updated
2017-10-10
The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.
Max CVSS
7.2
EPSS Score
0.06%
Published
2001-10-08
Updated
2008-09-05
10 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!