Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
util-linux vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2014-9114
Blkid in util-linux prior to 2.26rc-1 allows local users to execute arbitrary code.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Kernel Util-linux
187
VMScore
CVE-2001-1494
script command in the util-linux package prior to 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
Kernel Util-linux
Avaya Cvlan
Avaya Interactive Response
Avaya Integrated Management Suit
Avaya Intuity Lx
Avaya Message Networking
Avaya Messaging Storage Server
1 Github repository
642
VMScore
CVE-2007-5191
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow malicious users to gain privileges via helpers such as mount.nfs.
Kernel Util-linux
Loop-aes-utils Project Loop-aes-utils -
Fedoraproject Fedora 7
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
NA
CVE-2024-28085
wall in util-linux up to and including 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are n...
1 Github repository
1 Article
552
VMScore
CVE-2002-0638
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and previous versions, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an ...
Mandrakesoft Mandrake Single Network Firewall 7.2
Mandrakesoft Mandrake Linux 7.2
Mandrakesoft Mandrake Linux 8.0
Redhat Linux 6.0
Redhat Linux 7.0
Redhat Linux 7.1
Mandrakesoft Mandrake Linux 8.1
Redhat Linux 6.1
Mandrakesoft Mandrake Linux 7.0
Mandrakesoft Mandrake Linux 7.1
Mandrakesoft Mandrake Linux Corporate Server 1.0.1
Redhat Linux 6.2
Redhat Linux 7.2
Redhat Linux 7.3
Hp Secure Os 1.0
Mandrakesoft Mandrake Linux 8.2
585
VMScore
CVE-2010-3879
FUSE, possibly 2.8.5 and previous versions, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-07...
Libfuse Project Libfuse
1 EDB exploit
1000
VMScore
CVE-1999-0661
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8...
1 EDB exploit
294
VMScore
CVE-2011-0543
Certain legacy functionality in fusermount in fuse 2.8.5 and previous versions, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack.
Fuse Fuse 2.4.2
Fuse Fuse 2.6.0
Fuse Fuse 2.4.1
Fuse Fuse 2.2
Fuse Fuse 2.6.5
Fuse Fuse 2.7.0
Fuse Fuse 2.7.4
Fuse Fuse 2.3.0
Fuse Fuse 2.4.0
Fuse Fuse 2.6.3
Fuse Fuse 2.5.3
Fuse Fuse 2.3
Fuse Fuse 2.0
Fuse Fuse 2.8.1
Fuse Fuse 2.2.1
Fuse Fuse 2.5.1
Fuse Fuse 2.7.1
Fuse Fuse 2.8.2
Fuse Fuse 2.7.2
Fuse Fuse 2.1
Fuse Fuse 2.8.0
Fuse Fuse 2.5.2
641
VMScore
CVE-2013-1813
util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 0.38
Busybox Busybox 0.46
Busybox Busybox 0.47
Busybox Busybox 0.60.1
Busybox Busybox 0.60.2
Busybox Busybox 0.60.3
Busybox Busybox 1.1.2
Busybox Busybox 1.1.3
Busybox Busybox 1.11.1
Busybox Busybox 1.11.2
Busybox Busybox 1.13.1
Busybox Busybox 1.13.2
Busybox Busybox 1.14.4
Busybox Busybox 1.15.0
Busybox Busybox 1.17.0
Busybox Busybox 1.17.1
Busybox Busybox 1.18.4
Busybox Busybox 1.18.5
Busybox Busybox 1.2.2
Busybox Busybox 1.2.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3