This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Andries Brouwer First view 2001-12-31
Product Util-Linux Last view 2005-09-13
Version 2.9w Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:andries_brouwer:util-linux

Activity : Overall

Related : CVE

  Date Alert Description
7.2 2005-09-13 CVE-2005-2876

umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags.

5 2004-03-03 CVE-2004-0080

The login program in util-linux 2.11 and earlier uses a pointer after it has been freed and reallocated, which could cause login to leak sensitive data.

2.1 2001-12-31 CVE-2001-1494

script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.

Open Source Vulnerability Database (OSVDB)

id Description
19934 util-linux script Hardlink Arbitrary File Overwrite
19369 util-linux umount -r Mount Option Removal Restriction Bypass
3796 Red Hat util-linux Login Program Information Leakage

OpenVAS Exploits

id Description
2009-10-10 Name : SLES9: Security update for util-linux
File : nvt/sles9p5013637.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200404-06 ()
File : nvt/glsa_200404_06.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200509-15 (util-linux)
File : nvt/glsa_200509_15.nasl
2008-01-17 Name : Debian Security Advisory DSA 823-1 (util-linux)
File : nvt/deb_823_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 825-1 (loop-aes-utils)
File : nvt/deb_825_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2005-255-02 util-linux umount
File : nvt/esoft_slk_ssa_2005_255_02.nasl

Nessus® Vulnerability Scanner

id Description
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-782.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-184-1.nasl - Type: ACT_GATHER_INFO
2005-10-19 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-782.nasl - Type: ACT_GATHER_INFO
2005-10-05 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-823.nasl - Type: ACT_GATHER_INFO
2005-10-05 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-825.nasl - Type: ACT_GATHER_INFO
2005-10-05 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200509-15.nasl - Type: ACT_GATHER_INFO
2005-10-05 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-167.nasl - Type: ACT_GATHER_INFO
2005-09-17 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-886.nasl - Type: ACT_GATHER_INFO
2005-09-17 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-887.nasl - Type: ACT_GATHER_INFO
2004-08-30 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200404-06.nasl - Type: ACT_GATHER_INFO
2004-07-06 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2004-056.nasl - Type: ACT_GATHER_INFO