Vulnerability-Lookup

RHBA-2009:0070

Vulnerability from csaf_redhat - Published: 2009-01-20 00:00 - Updated: 2025-11-21 17:20

Summary

Red Hat Bug Fix Advisory: util-linux bug-fix update

Severity

Low

Notes

Topic: An updated util-linux package that fixes multiple bugs is now available.

Details: The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, util-linux contains the fdisk configuration tool and the login program. This update fixes the following bugs: * The login command segmentation fault on EOF. * The script command does not log all commands to the typescript file. * Obsolete information in the mkfs man page. * Obsolete information about fstab-sync in the fstab man page. * Obsolete information in the fdisk man page. * The blockdev command calls the blkpg ioctl with a wrong data structure. * The mount command does not check for validity of mtab information. * The mkswap defaults to v0 format on ppc64. * The fdisk command does not warn about DOS partition table limitations on on large hard drives. * The fdisk command does not properly detect VMware partitions. * The sfdisk command does not work correctly with large hard drives. * The logger command cannot be used when /usr is non-root partition. * The audit log injection attack via the login command. * The swapon command with the "-a" option does not complain about missing devices. Users of util-linux are advised to upgrade to this updated package, which resolves these issues.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2008-1926

Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the login name, aka "audit log injection."

2.6 ()


                        
                          AV:N/AC:H/Au:N/C:N/I:P/A:N

Vendor Fix Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 https://access.redhat.com/errata/RHBA-2009:0070

References

URL

Category

	https://access.redhat.com/errata/RHBA-2009:0070	self
	https://bugzilla.redhat.com/show_bug.cgi?id=249438	external
	https://bugzilla.redhat.com/show_bug.cgi?id=427183	external
	https://bugzilla.redhat.com/show_bug.cgi?id=446648	external
	https://bugzilla.redhat.com/show_bug.cgi?id=447265	external
	https://bugzilla.redhat.com/show_bug.cgi?id=449777	external
	https://bugzilla.redhat.com/show_bug.cgi?id=456378	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2008-1926	self
	https://bugzilla.redhat.com/show_bug.cgi?id=443925	external
	https://www.cve.org/CVERecord?id=CVE-2008-1926	external
	https://nvd.nist.gov/vuln/detail/CVE-2008-1926	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated util-linux package that fixes multiple bugs is now available.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The util-linux package contains a large variety of low-level system\nutilities that are necessary for a Linux system to function. Among\nothers, util-linux contains the fdisk configuration tool and the login\nprogram.\n\nThis update fixes the following bugs:\n\n* The login command segmentation fault on EOF.\n* The script command does not log all commands to the typescript file.\n* Obsolete information in the mkfs man page.\n* Obsolete information about fstab-sync in the fstab man page.\n* Obsolete information in the fdisk man page.\n* The blockdev command calls the blkpg ioctl with a wrong data structure.\n* The mount command does not check for validity of mtab information.\n* The mkswap defaults to v0 format on ppc64.\n* The fdisk command does not warn about DOS partition table limitations on\non large hard drives.\n* The fdisk command does not properly detect VMware partitions.\n* The sfdisk command does not work correctly with large hard drives.\n* The logger command cannot be used when /usr is non-root partition.\n* The audit log injection attack via the login command.\n* The swapon command with the \"-a\" option does not complain about missing\ndevices.\n\nUsers of util-linux are advised to upgrade to this updated package, which\nresolves these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHBA-2009:0070",
        "url": "https://access.redhat.com/errata/RHBA-2009:0070"
      },
      {
        "category": "external",
        "summary": "249438",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=249438"
      },
      {
        "category": "external",
        "summary": "427183",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=427183"
      },
      {
        "category": "external",
        "summary": "446648",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=446648"
      },
      {
        "category": "external",
        "summary": "447265",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=447265"
      },
      {
        "category": "external",
        "summary": "449777",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=449777"
      },
      {
        "category": "external",
        "summary": "456378",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=456378"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhba-2009_0070.json"
      }
    ],
    "title": "Red Hat Bug Fix Advisory: util-linux bug-fix update",
    "tracking": {
      "current_release_date": "2025-11-21T17:20:50+00:00",
      "generator": {
        "date": "2025-11-21T17:20:50+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHBA-2009:0070",
      "initial_release_date": "2009-01-20T00:00:00+00:00",
      "revision_history": [
        {
          "date": "2009-01-20T00:00:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2009-01-20T11:04:08+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:20:50+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.50.el5.src",
                "product": {
                  "name": "util-linux-0:2.13-0.50.el5.src",
                  "product_id": "util-linux-0:2.13-0.50.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.50.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.50.el5.x86_64",
                "product": {
                  "name": "util-linux-0:2.13-0.50.el5.x86_64",
                  "product_id": "util-linux-0:2.13-0.50.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.50.el5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "util-linux-debuginfo-0:2.13-0.50.el5.x86_64",
                "product": {
                  "name": "util-linux-debuginfo-0:2.13-0.50.el5.x86_64",
                  "product_id": "util-linux-debuginfo-0:2.13-0.50.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux-debuginfo@2.13-0.50.el5?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.50.el5.i386",
                "product": {
                  "name": "util-linux-0:2.13-0.50.el5.i386",
                  "product_id": "util-linux-0:2.13-0.50.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.50.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "util-linux-debuginfo-0:2.13-0.50.el5.i386",
                "product": {
                  "name": "util-linux-debuginfo-0:2.13-0.50.el5.i386",
                  "product_id": "util-linux-debuginfo-0:2.13-0.50.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux-debuginfo@2.13-0.50.el5?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.50.el5.ia64",
                "product": {
                  "name": "util-linux-0:2.13-0.50.el5.ia64",
                  "product_id": "util-linux-0:2.13-0.50.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.50.el5?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "util-linux-debuginfo-0:2.13-0.50.el5.ia64",
                "product": {
                  "name": "util-linux-debuginfo-0:2.13-0.50.el5.ia64",
                  "product_id": "util-linux-debuginfo-0:2.13-0.50.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux-debuginfo@2.13-0.50.el5?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.50.el5.ppc",
                "product": {
                  "name": "util-linux-0:2.13-0.50.el5.ppc",
                  "product_id": "util-linux-0:2.13-0.50.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.50.el5?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "util-linux-debuginfo-0:2.13-0.50.el5.ppc",
                "product": {
                  "name": "util-linux-debuginfo-0:2.13-0.50.el5.ppc",
                  "product_id": "util-linux-debuginfo-0:2.13-0.50.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux-debuginfo@2.13-0.50.el5?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "util-linux-0:2.13-0.50.el5.s390x",
                "product": {
                  "name": "util-linux-0:2.13-0.50.el5.s390x",
                  "product_id": "util-linux-0:2.13-0.50.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux@2.13-0.50.el5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "util-linux-debuginfo-0:2.13-0.50.el5.s390x",
                "product": {
                  "name": "util-linux-debuginfo-0:2.13-0.50.el5.s390x",
                  "product_id": "util-linux-debuginfo-0:2.13-0.50.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/util-linux-debuginfo@2.13-0.50.el5?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.50.el5.i386"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.50.el5.ia64"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.50.el5.ppc"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.50.el5.s390x"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.50.el5.src"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-0:2.13-0.50.el5.x86_64"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.50.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-debuginfo-0:2.13-0.50.el5.i386"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.50.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.50.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-debuginfo-0:2.13-0.50.el5.ia64"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.50.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.50.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-debuginfo-0:2.13-0.50.el5.ppc"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.50.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.50.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-debuginfo-0:2.13-0.50.el5.s390x"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.50.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.50.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:util-linux-debuginfo-0:2.13-0.50.el5.x86_64"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.50.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.50.el5.i386"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.50.el5.ia64"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.50.el5.ppc"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.50.el5.s390x"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.50.el5.src"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.src",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-0:2.13-0.50.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-0:2.13-0.50.el5.x86_64"
        },
        "product_reference": "util-linux-0:2.13-0.50.el5.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.50.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-debuginfo-0:2.13-0.50.el5.i386"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.50.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.50.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-debuginfo-0:2.13-0.50.el5.ia64"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.50.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.50.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-debuginfo-0:2.13-0.50.el5.ppc"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.50.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.50.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-debuginfo-0:2.13-0.50.el5.s390x"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.50.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "util-linux-debuginfo-0:2.13-0.50.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:util-linux-debuginfo-0:2.13-0.50.el5.x86_64"
        },
        "product_reference": "util-linux-debuginfo-0:2.13-0.50.el5.x86_64",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-1926",
      "discovery_date": "2008-04-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "443925"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an \"addr=\" statement to the login name, aka \"audit log injection.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "util-linux: audit log injection via login",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client:util-linux-0:2.13-0.50.el5.i386",
          "5Client:util-linux-0:2.13-0.50.el5.ia64",
          "5Client:util-linux-0:2.13-0.50.el5.ppc",
          "5Client:util-linux-0:2.13-0.50.el5.s390x",
          "5Client:util-linux-0:2.13-0.50.el5.src",
          "5Client:util-linux-0:2.13-0.50.el5.x86_64",
          "5Client:util-linux-debuginfo-0:2.13-0.50.el5.i386",
          "5Client:util-linux-debuginfo-0:2.13-0.50.el5.ia64",
          "5Client:util-linux-debuginfo-0:2.13-0.50.el5.ppc",
          "5Client:util-linux-debuginfo-0:2.13-0.50.el5.s390x",
          "5Client:util-linux-debuginfo-0:2.13-0.50.el5.x86_64",
          "5Server:util-linux-0:2.13-0.50.el5.i386",
          "5Server:util-linux-0:2.13-0.50.el5.ia64",
          "5Server:util-linux-0:2.13-0.50.el5.ppc",
          "5Server:util-linux-0:2.13-0.50.el5.s390x",
          "5Server:util-linux-0:2.13-0.50.el5.src",
          "5Server:util-linux-0:2.13-0.50.el5.x86_64",
          "5Server:util-linux-debuginfo-0:2.13-0.50.el5.i386",
          "5Server:util-linux-debuginfo-0:2.13-0.50.el5.ia64",
          "5Server:util-linux-debuginfo-0:2.13-0.50.el5.ppc",
          "5Server:util-linux-debuginfo-0:2.13-0.50.el5.s390x",
          "5Server:util-linux-debuginfo-0:2.13-0.50.el5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-1926"
        },
        {
          "category": "external",
          "summary": "RHBZ#443925",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=443925"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1926",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-1926"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1926",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1926"
        }
      ],
      "release_date": "2008-04-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-01-20T00:00:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "5Client:util-linux-0:2.13-0.50.el5.i386",
            "5Client:util-linux-0:2.13-0.50.el5.ia64",
            "5Client:util-linux-0:2.13-0.50.el5.ppc",
            "5Client:util-linux-0:2.13-0.50.el5.s390x",
            "5Client:util-linux-0:2.13-0.50.el5.src",
            "5Client:util-linux-0:2.13-0.50.el5.x86_64",
            "5Client:util-linux-debuginfo-0:2.13-0.50.el5.i386",
            "5Client:util-linux-debuginfo-0:2.13-0.50.el5.ia64",
            "5Client:util-linux-debuginfo-0:2.13-0.50.el5.ppc",
            "5Client:util-linux-debuginfo-0:2.13-0.50.el5.s390x",
            "5Client:util-linux-debuginfo-0:2.13-0.50.el5.x86_64",
            "5Server:util-linux-0:2.13-0.50.el5.i386",
            "5Server:util-linux-0:2.13-0.50.el5.ia64",
            "5Server:util-linux-0:2.13-0.50.el5.ppc",
            "5Server:util-linux-0:2.13-0.50.el5.s390x",
            "5Server:util-linux-0:2.13-0.50.el5.src",
            "5Server:util-linux-0:2.13-0.50.el5.x86_64",
            "5Server:util-linux-debuginfo-0:2.13-0.50.el5.i386",
            "5Server:util-linux-debuginfo-0:2.13-0.50.el5.ia64",
            "5Server:util-linux-debuginfo-0:2.13-0.50.el5.ppc",
            "5Server:util-linux-debuginfo-0:2.13-0.50.el5.s390x",
            "5Server:util-linux-debuginfo-0:2.13-0.50.el5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2009:0070"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Client:util-linux-0:2.13-0.50.el5.i386",
            "5Client:util-linux-0:2.13-0.50.el5.ia64",
            "5Client:util-linux-0:2.13-0.50.el5.ppc",
            "5Client:util-linux-0:2.13-0.50.el5.s390x",
            "5Client:util-linux-0:2.13-0.50.el5.src",
            "5Client:util-linux-0:2.13-0.50.el5.x86_64",
            "5Client:util-linux-debuginfo-0:2.13-0.50.el5.i386",
            "5Client:util-linux-debuginfo-0:2.13-0.50.el5.ia64",
            "5Client:util-linux-debuginfo-0:2.13-0.50.el5.ppc",
            "5Client:util-linux-debuginfo-0:2.13-0.50.el5.s390x",
            "5Client:util-linux-debuginfo-0:2.13-0.50.el5.x86_64",
            "5Server:util-linux-0:2.13-0.50.el5.i386",
            "5Server:util-linux-0:2.13-0.50.el5.ia64",
            "5Server:util-linux-0:2.13-0.50.el5.ppc",
            "5Server:util-linux-0:2.13-0.50.el5.s390x",
            "5Server:util-linux-0:2.13-0.50.el5.src",
            "5Server:util-linux-0:2.13-0.50.el5.x86_64",
            "5Server:util-linux-debuginfo-0:2.13-0.50.el5.i386",
            "5Server:util-linux-debuginfo-0:2.13-0.50.el5.ia64",
            "5Server:util-linux-debuginfo-0:2.13-0.50.el5.ppc",
            "5Server:util-linux-debuginfo-0:2.13-0.50.el5.s390x",
            "5Server:util-linux-debuginfo-0:2.13-0.50.el5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "util-linux: audit log injection via login"
    }
  ]
}

CVE-2008-1926 (GCVE-0-2008-1926)

Vulnerability from cvelistv5 – Published: 2008-04-23 17:00 – Updated: 2024-08-07 08:40

Summary

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://secunia.com/advisories/30014	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29982	third-party-advisoryx_refsource_SECUNIA
	http://git.kernel.org/?p=utils/util-linux-ng/util…	x_refsource_CONFIRM
	http://wiki.rpath.com/Advisories:rPSA-2009-0143	x_refsource_CONFIRM
	http://git.kernel.org/?p=utils/util-linux-ng/util…	x_refsource_MISC
	http://www.vupen.com/english/advisories/2008/1392…	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1022256	vdb-entryx_refsource_SECTRACK
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.securityfocus.com/archive/1/507854/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/28983	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/35161	third-party-advisoryx_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.redhat.com/support/errata/RHSA-2009-09…	vendor-advisoryx_refsource_REDHAT

Date Public ?

2008-04-19 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:40:59.909Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "30014",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30014"
          },
          {
            "name": "29982",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29982"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0143"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973"
          },
          {
            "name": "ADV-2008-1392",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1392/references"
          },
          {
            "name": "utillinuxng-login-data-manipulation(41987)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41987"
          },
          {
            "name": "1022256",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022256"
          },
          {
            "name": "MDVSA-2008:114",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:114"
          },
          {
            "name": "20091112 rPSA-2009-0143-1 util-linux util-linux-extras",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507854/100/0/threaded"
          },
          {
            "name": "28983",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28983"
          },
          {
            "name": "oval:org.mitre.oval:def:9833",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9833"
          },
          {
            "name": "35161",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35161"
          },
          {
            "name": "FEDORA-2008-3419",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00624.html"
          },
          {
            "name": "RHSA-2009:0981",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0981.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an \"addr=\" statement to the login name, aka \"audit log injection.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "30014",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30014"
        },
        {
          "name": "29982",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29982"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=commit%3Bh=8ccf0b253ac0f4f58d64bc9674de18bff5a88782"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0143"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git%3Ba=blobdiff%3Bf=login-utils/login.c%3Bh=230121316d953c59e7842c1325f6e9f326a37608%3Bhp=aad27794327c60391b5148b367d2c79338fc6ee4%3Bhb=8ccf0b253ac0f4f58d64bc9674de18bff5a88782%3Bhpb=3a4a13b12a8065b0b5354686d2807cce421a9973"
        },
        {
          "name": "ADV-2008-1392",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1392/references"
        },
        {
          "name": "utillinuxng-login-data-manipulation(41987)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41987"
        },
        {
          "name": "1022256",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022256"
        },
        {
          "name": "MDVSA-2008:114",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:114"
        },
        {
          "name": "20091112 rPSA-2009-0143-1 util-linux util-linux-extras",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507854/100/0/threaded"
        },
        {
          "name": "28983",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28983"
        },
        {
          "name": "oval:org.mitre.oval:def:9833",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9833"
        },
        {
          "name": "35161",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35161"
        },
        {
          "name": "FEDORA-2008-3419",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00624.html"
        },
        {
          "name": "RHSA-2009:0981",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0981.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2008-1926",
    "datePublished": "2008-04-23T17:00:00.000Z",
    "dateReserved": "2008-04-23T00:00:00.000Z",
    "dateUpdated": "2024-08-07T08:40:59.909Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHBA-2009:0070

CVE-2008-1926 (GCVE-0-2008-1926)

Tags

Sightings

Nomenclature