Summary
Detail | |||
---|---|---|---|
Vendor | e2fsprogs Project | First view | 2015-02-17 |
Product | e2fsprogs | Last view | 2020-01-08 |
Version | 1.42.11 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:e2fsprogs_project:e2fsprogs |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
6.7 | 2020-01-08 | CVE-2019-5188 | A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. |
6.7 | 2019-09-24 | CVE-2019-5094 | An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. |
4.6 | 2015-02-24 | CVE-2015-1572 | Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247. |
4.6 | 2015-02-17 | CVE-2015-0247 | Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (2) | CWE-787 | Out-of-bounds Write |
50% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Snort® IPS/IDS
Date | Description |
---|---|
2020-12-05 | TRUFFLEHUNTER TALOS-2019-0973 attack attempt RuleID : 52571 - Type : FILE-OTHER - Revision : 1 |
2020-12-05 | TRUFFLEHUNTER TALOS-2019-0973 attack attempt RuleID : 52570 - Type : FILE-OTHER - Revision : 1 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2017-05-01 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2016-1038.nasl - Type: ACT_GATHER_INFO |
2017-01-03 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201701-06.nasl - Type: ACT_GATHER_INFO |
2015-08-13 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2015-1364-1.nasl - Type: ACT_GATHER_INFO |
2015-08-05 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2015-1341-1.nasl - Type: ACT_GATHER_INFO |
2015-07-24 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201507-22.nasl - Type: ACT_GATHER_INFO |
2015-06-25 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2015-1103-1.nasl - Type: ACT_GATHER_INFO |
2015-06-18 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2015-542.nasl - Type: ACT_GATHER_INFO |
2015-06-08 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2015-400.nasl - Type: ACT_GATHER_INFO |
2015-06-08 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2015-399.nasl - Type: ACT_GATHER_INFO |
2015-03-30 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2015-068.nasl - Type: ACT_GATHER_INFO |
2015-03-30 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2015-067.nasl - Type: ACT_GATHER_INFO |
2015-03-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-162.nasl - Type: ACT_GATHER_INFO |
2015-03-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-153.nasl - Type: ACT_GATHER_INFO |
2015-03-05 | Name: The remote Fedora host is missing a security update. File: fedora_2015-2516.nasl - Type: ACT_GATHER_INFO |
2015-03-05 | Name: The remote Fedora host is missing a security update. File: fedora_2015-2511.nasl - Type: ACT_GATHER_INFO |
2015-02-24 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-2507-1.nasl - Type: ACT_GATHER_INFO |
2015-02-24 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_2a4bcd7dbbb811e4903c080027ef73ec.nasl - Type: ACT_GATHER_INFO |
2015-02-24 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_0f488b7bbbb911e4903c080027ef73ec.nasl - Type: ACT_GATHER_INFO |
2015-02-24 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3166.nasl - Type: ACT_GATHER_INFO |
2015-02-23 | Name: The remote Fedora host is missing a security update. File: fedora_2015-2279.nasl - Type: ACT_GATHER_INFO |
2015-02-13 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2015-045.nasl - Type: ACT_GATHER_INFO |
2015-02-13 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2015-478.nasl - Type: ACT_GATHER_INFO |
2015-02-09 | Name: The remote Fedora host is missing a security update. File: fedora_2015-1840.nasl - Type: ACT_GATHER_INFO |