CVE-2018-20839
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-20839
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
systemd 信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
systemd是德国Lennart Poettering软件开发者的一款基于Linux的系统和服务管理器。该产品兼容了SysV和LSB的启动脚本,且提供了一个用来表示系统服务间依赖关系的框架。 systemd 242版本中存在信息泄露漏洞。该漏洞源于网络系统或产品在运行过程中存在配置等错误。未授权的攻击者可利用漏洞获取受影响组件敏感信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2018-20839
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-20839
请登录查看更多情报信息。
- https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993x_refsource_MISC
- https://security.netapp.com/advisory/ntap-20190530-0002/x_refsource_CONFIRM
- https://github.com/systemd/systemd/pull/12378x_refsource_MISC
- [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar-Apache Mail Archivesmailing-listx_refsource_MLIST
- https://nvd.nist.gov/vuln/detail/CVE-2018-20839
Same Patch Batch · n/a · 2019-05-17 · 65 CVEs total
| CVE-2019-0153 | Intel Converged Security and Management Engine 缓冲区错误漏洞 | |
| CVE-2019-8929 | ZOHO ManageEngine Netflow Analyzer 跨站脚本漏洞 | |
| CVE-2019-8926 | ZOHO ManageEngine Netflow Analyzer 跨站脚本漏洞 | |
| CVE-2019-8927 | ZOHO ManageEngine Netflow Analyzer 跨站脚本漏洞 | |
| CVE-2019-8928 | ZOHO ManageEngine Netflow Analyzer 跨站脚本漏洞 | |
| CVE-2019-0172 | Intel Unite Client 权限许可和访问控制问题漏洞 | |
| CVE-2019-0171 | Intel Quartus Software 权限许可和访问控制问题漏洞 | |
| CVE-2019-0138 | Intel ACU Wizard 权限许可和访问控制问题漏洞 | |
| CVE-2019-0132 | Intel Unite Client 输入验证错误漏洞 | |
| CVE-2019-0170 | Intel Dynamic Application Loader 缓冲区错误漏洞 | |
| CVE-2019-11085 | Intel i915 Graphics Kernel Mode Driver 输入验证错误漏洞 | |
| CVE-2019-0126 | Intel Xeon Scalable Processor和Intel Xeon Processor D Family 权限许可和访问控制问题漏洞 | |
| CVE-2019-0120 | 多款Intel产品访问控制错误漏洞 | |
| CVE-2019-0119 | 多款Intel产品缓冲区错误漏洞 | |
| CVE-2019-0116 | Intel Graphics Driver KMD模块缓冲区错误漏洞 | |
| CVE-2019-0115 | Intel Graphics Driver KMD模块输入验证错误漏洞 | |
| CVE-2019-0114 | Intel Graphics Drivers 竞争条件问题漏洞 | |
| CVE-2019-0113 | Intel Graphics Drivers 缓冲区错误漏洞 | |
| CVE-2019-0099 | Intel Server Platform Services 权限许可和访问控制问题漏洞 | |
| CVE-2019-0098 | Intel TXE和Intel Converged Security and Management Engine 权限许可和访问控制问题漏洞 |
Showing top 20 of 65 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2018-20839
No comments yet