Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-1675
HistoryApr 10, 2011 - 2:55 a.m.

CVE-2011-1675

2011-04-1002:55:01
CWE-399
[email protected]
web.nvd.nist.gov
39
cve
2011
1675
util-linux
/etc/mtab
local users
resource limits

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:P/A:N

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON

mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Affected configurations

NVD
Node
linuxutil-linuxRange2.19
OR
linuxutil-linuxMatch2.2
OR
linuxutil-linuxMatch2.5
OR
linuxutil-linuxMatch2.7
OR
linuxutil-linuxMatch2.8
OR
linuxutil-linuxMatch2.9
OR
linuxutil-linuxMatch2.10
OR
linuxutil-linuxMatch2.11
OR
linuxutil-linuxMatch2.12
OR
linuxutil-linuxMatch2.12pre
OR
linuxutil-linuxMatch2.13
OR
linuxutil-linuxMatch2.13pre
OR
linuxutil-linuxMatch2.14
OR
linuxutil-linuxMatch2.15
OR
linuxutil-linuxMatch2.16
OR
linuxutil-linuxMatch2.17
OR
linuxutil-linuxMatch2.18

References

Related

cvelist 6
debiancve 5
ubuntucve 6
prion 6
nvd 6
openvas 37
nessus 44
veracode 2
oraclelinux 5
googleprojectzero 1
redhat 6
gentoo 2
cve 5
ibm 3
centos 2
securityvulns 4
ubuntu 1
vmware 4
cvelist
cvelist
CVE-2011-1675
2011-04-10 01:29:00
CVE-2011-1681
2011-04-10 01:29:00
CVE-2011-1678
2011-04-10 01:29:00
debiancve
debiancve
CVE-2011-1675
2011-04-10 02:55:01
CVE-2011-1678
2011-04-10 02:55:02
CVE-2011-1089
2011-04-10 02:55:01
ubuntucve
ubuntucve
CVE-2011-1675
2011-04-10 00:00:00
CVE-2011-1089
2011-04-09 00:00:00
CVE-2011-1681
2011-04-10 00:00:00
prion
prion
Sql injection
2011-04-10 02:55:00
Sql injection
2011-04-10 02:55:00
Sql injection
2014-02-26 15:55:00
nvd
nvd
CVE-2011-1675
2011-04-10 02:55:01
CVE-2011-1749
2014-02-26 15:55:06
CVE-2011-1089
2011-04-10 02:55:01
openvas
openvas
Mandriva Update for util-linux MDVSA-2012:083 (util-linux)
2012-08-03 00:00:00
Mandriva Update for util-linux MDVSA-2012:083 (util-linux)
2012-08-03 00:00:00
RedHat Update for util-linux-ng RHSA-2011:1691-03
2012-07-09 00:00:00
nessus
nessus
Oracle Linux 6 : util-linux-ng (ELSA-2011-1691)
2023-09-07 00:00:00
Mandriva Linux Security Advisory : util-linux (MDVSA-2012:083)
2012-05-30 00:00:00
RHEL 4 : util-linux (Unpatched Vulnerability)
2024-06-03 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 01:07:09
Denial Of Service (DoS)
2020-04-10 01:08:59
oraclelinux
oraclelinux
util-linux security, bug fix, and enhancement update
2012-03-01 00:00:00
util-linux-ng security, bug fix, and enhancement update
2011-12-14 00:00:00
glibc security, bug fix, and enhancement update
2011-12-14 00:00:00
googleprojectzero
googleprojectzero
The poisoned NUL byte, 2014 edition
2014-08-25 00:00:00
redhat
redhat
(RHSA-2012:0307) Low: util-linux security, bug fix, and enhancement update
2012-02-21 00:00:00
(RHSA-2011:1691) Low: util-linux-ng security, bug fix, and enhancement update
2011-12-06 00:00:00
(RHSA-2011:1526) Low: glibc security, bug fix, and enhancement update
2011-12-06 00:00:00
gentoo
gentoo
util-linux: Multiple vulnerabilities
2014-05-18 00:00:00
GNU C Library: Multiple vulnerabilities
2013-12-03 00:00:00
cve
cve
CVE-2011-1679
2011-04-10 02:55:02
CVE-2011-1681
2011-04-10 02:55:02
CVE-2011-1749
2014-02-26 15:55:06
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues
2024-05-07 17:05:31
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues
2024-05-07 17:07:44
Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities
2024-06-26 09:20:14
centos
centos
glibc, nscd security update
2012-02-14 03:06:54
glibc, nptl, nscd security update
2012-02-14 02:09:08
securityvulns
securityvulns
glibc multiple security vulnerabilities
2011-12-04 00:00:00
[ MDVSA-2011:178 ] glibc
2011-12-04 00:00:00
[USN-1396-1] GNU C Library vulnerabilities
2012-03-10 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2012-03-09 00:00:00
vmware
vmware
VMware security updates for vCSA, vCenter Server, and ESXi
2012-12-20 00:00:00
VMware security updates for vCSA, vCenter Server, and ESXi
2012-12-20 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:P/A:N

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON
Related for CVE-2011-1675
cvelist6debiancve5ubuntucve6prion6nvd6openvas37nessus44veracode2oraclelinux5googleprojectzero1redhat6gentoo2cve5ibm3centos2securityvulns4ubuntu1vmware4