Lucene search
HistoryJan 14, 2010 - 6:30 p.m.
CVE-2010-0002
cve-2010-0002
mandriva
bash package
bash
ls_options
escape sequences
terminal emulators
security vulnerability
6.1 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
15.0%
The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LS_OPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename.
Related
securityvulns
securityvulns
bash terminal characters injection
2010-01-17 00:00:00
[ MDVSA-2010:004 ] bash
2010-01-17 00:00:00
debiancve
debiancve
CVE-2010-0002
2010-01-14 18:30:00
prion
prion
Code injection
2010-01-14 18:30:00
cvelist
cvelist
CVE-2010-0002
2022-10-03 16:21:13
ubuntucve
ubuntucve
CVE-2010-0002
2010-01-14 00:00:00
openvas
openvas
Mandriva Update for bash MDVSA-2010:004 (bash)
2010-01-19 00:00:00
Mandriva Update for bash MDVSA-2010:004 (bash)
2010-01-19 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : bash (MDVSA-2010:004)
2010-01-14 00:00:00
6.1 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
15.0%
Related for CVE-2010-0002