ALT-PU-2021-2935-3
Closed vulnerabilities
Published: 2008-07-31
BDU:2015-09339
Уязвимость операционной системы Gentoo Linux, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Severity: MEDIUM (4.1)
References:
Published: 2008-04-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2008-1628
Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information.
Severity: MEDIUM (4.1)
References:
- SUSE-SR:2008:010
- SUSE-SR:2008:010
- http://people.redhat.com/sgrubb/audit/ChangeLog
- http://people.redhat.com/sgrubb/audit/ChangeLog
- 29617
- 29617
- 29754
- 29754
- 29957
- 29957
- 31316
- 31316
- GLSA-200807-14
- GLSA-200807-14
- MDVSA-2008:083
- MDVSA-2008:083
- 28524
- 28524
- 1019824
- 1019824
- ADV-2008-1052
- ADV-2008-1052
- linuxaudit-auditlogusercommand-bo(41576)
- linuxaudit-auditlogusercommand-bo(41576)
- FEDORA-2008-3012
- FEDORA-2008-3012
- [linux-audit] 20080330 audit 1.7 released
- [linux-audit] 20080330 audit 1.7 released
Published: 2017-09-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-5186
Audit before 2.4.4 in Linux does not sanitize escape characters in filenames.
Severity: MEDIUM (5.3)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
References:
- [oss-security] 20150813 Audit: log terminal emulator escape sequences handling CVE-2015-5186
- [oss-security] 20150813 Audit: log terminal emulator escape sequences handling CVE-2015-5186
- 76840
- 76840
- https://bugzilla.redhat.com/show_bug.cgi?id=1251621
- https://bugzilla.redhat.com/show_bug.cgi?id=1251621
- https://people.redhat.com/sgrubb/audit/ChangeLog
- https://people.redhat.com/sgrubb/audit/ChangeLog
Closed bugs
Проверка на биарч зависит от синтаксиса