CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-7108
https://notcve.org/view.php?id=CVE-2006-7108
04 Mar 2007 — login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok. la entrada en util-linux-2.12a se salta pam_acct_mgmt y chauth_tok cuando la validación es saltada, por ejemplo cuando se ha establecido una sesión del krlogin del Kerberos, lo cual podría permitir a usuarios evitar las políticas previstas de... • http://secunia.com/advisories/25098 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2005-2876
https://notcve.org/view.php?id=CVE-2005-2876
13 Sep 2005 — umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags. • http://marc.info/?l=bugtraq&m=112656096125857&w=2 •
CVSS: 9.1EPSS: 1%CPEs: 1EXPL: 0CVE-2004-0080
https://notcve.org/view.php?id=CVE-2004-0080
03 Mar 2004 — The login program in util-linux 2.11 and earlier uses a pointer after it has been freed and reallocated, which could cause login to leak sensitive data. El programa login en util-linux 2.11 y anteriores usa un puntero después de haber sido liberado y reasignado, lo que podría hacer que login filtrara datos sensibles. • ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2003-0645 – man-db 2.4.1 - 'open_cat_stream()' Local uid=man
https://notcve.org/view.php?id=CVE-2003-0645
14 Aug 2003 — man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges. man-db 2.3.12 y 2.3.18 a 2.4.1 usa ciertas directivas DEFINE controladas por el usuario del fichero ~/.manpath, incluso cuando corre con setuid, lo que podría permitir a usuarios locales ganar privielgios. • https://www.exploit-db.com/exploits/75 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2003-0620 – ManDB Utility 2.3/2.4 - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0620
01 Aug 2003 — Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3) a long .so argument to test_for_include in ult_src.c, (4) a long MANPATH environment variable, or (5) a long PATH environment variable. Múltiples desbordamientos de búfer en man-db 2.4.1 y anteriores, cuando se instala con setuid, permite a usuarios local... • https://www.exploit-db.com/exploits/22971 •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 2CVE-2003-0124 – Man Program 1.5 - Unsafe Return Value Command Execution
https://notcve.org/view.php?id=CVE-2003-0124
18 Mar 2003 — man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man. man anterior a 1.51 permite a atacantes ejecutar código de su elección mediante un fichero man con comillas mal colocadas, lo que causa que la función my_xsprintf devuelva una cadena con el valor "unsafe", que es ent... • https://www.exploit-db.com/exploits/22344 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0094
https://notcve.org/view.php?id=CVE-2003-0094
03 Mar 2003 — A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of attacks to succeed. • http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:016 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1175
https://notcve.org/view.php?id=CVE-2001-1175
01 Apr 2002 — vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing. vipw en el paquete util-linux anteriores a 2.10 permite que /etc/shawow sea legible por todos los usuarios en algunos casos, lo que haría facil a usuarios locales realizar ataques de fuerza bruta para adivinar contraseñas. • http://www.redhat.com/support/errata/RHSA-2001-095.html •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2001-1147
https://notcve.org/view.php?id=CVE-2001-1147
08 Oct 2001 — The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits. • http://www.ciac.org/ciac/bulletins/m-009.shtml •