Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
util-linux vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2014-9114
Blkid in util-linux prior to 2.26rc-1 allows local users to execute arbitrary code.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Kernel Util-linux
2.1
CVSSv2
CVE-2001-1494
script command in the util-linux package prior to 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
Kernel Util-linux
Avaya Cvlan
Avaya Interactive Response
Avaya Integrated Management Suit
Avaya Intuity Lx
Avaya Message Networking
Avaya Messaging Storage Server
1 Github repository
7.2
CVSSv2
CVE-2007-5191
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow malicious users to gain privileges via helpers such as mount.nfs.
Kernel Util-linux
Loop-aes-utils Project Loop-aes-utils -
Fedoraproject Fedora 7
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
NA
CVE-2024-28085
wall in util-linux up to and including 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are n...
1 Github repository
1 Article
5.8
CVSSv2
CVE-2010-3879
FUSE, possibly 2.8.5 and previous versions, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-07...
Libfuse Project Libfuse
1 EDB exploit
6.2
CVSSv2
CVE-2002-0638
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and previous versions, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an ...
Mandrakesoft Mandrake Single Network Firewall 7.2
Mandrakesoft Mandrake Linux 7.2
Mandrakesoft Mandrake Linux 8.0
Redhat Linux 6.0
Redhat Linux 7.0
Redhat Linux 7.1
Mandrakesoft Mandrake Linux 8.1
Redhat Linux 6.1
Mandrakesoft Mandrake Linux 7.0
Mandrakesoft Mandrake Linux 7.1
Mandrakesoft Mandrake Linux Corporate Server 1.0.1
Redhat Linux 6.2
Redhat Linux 7.2
Redhat Linux 7.3
Hp Secure Os 1.0
Mandrakesoft Mandrake Linux 8.2
10
CVSSv2
CVE-1999-0661
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8...
1 EDB exploit
3.3
CVSSv2
CVE-2011-0543
Certain legacy functionality in fusermount in fuse 2.8.5 and previous versions, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack.
Fuse Fuse 2.4.2
Fuse Fuse 2.6.0
Fuse Fuse 2.4.1
Fuse Fuse 2.2
Fuse Fuse 2.6.5
Fuse Fuse 2.7.0
Fuse Fuse 2.7.4
Fuse Fuse 2.3.0
Fuse Fuse 2.4.0
Fuse Fuse 2.6.3
Fuse Fuse 2.5.3
Fuse Fuse 2.3
Fuse Fuse 2.0
Fuse Fuse 2.8.1
Fuse Fuse 2.2.1
Fuse Fuse 2.5.1
Fuse Fuse 2.7.1
Fuse Fuse 2.8.2
Fuse Fuse 2.7.2
Fuse Fuse 2.1
Fuse Fuse 2.8.0
Fuse Fuse 2.5.2
7.2
CVSSv2
CVE-2013-1813
util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 0.38
Busybox Busybox 0.46
Busybox Busybox 0.47
Busybox Busybox 0.60.1
Busybox Busybox 0.60.2
Busybox Busybox 0.60.3
Busybox Busybox 1.1.2
Busybox Busybox 1.1.3
Busybox Busybox 1.11.1
Busybox Busybox 1.11.2
Busybox Busybox 1.13.1
Busybox Busybox 1.13.2
Busybox Busybox 1.14.4
Busybox Busybox 1.15.0
Busybox Busybox 1.17.0
Busybox Busybox 1.17.1
Busybox Busybox 1.18.4
Busybox Busybox 1.18.5
Busybox Busybox 1.2.2
Busybox Busybox 1.2.2.1
NA
CVE-2024-26821
In the Linux kernel, the following vulnerability has been resolved: fs: relax mount_setattr() permission checks When we added mount_setattr() I added additional checks compared to the legacy do_reconfigure_mnt() and do_change_type() helpers used by regular mount(2). If that mount...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3