Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2017-18205
HistoryFeb 27, 2018 - 10:29 p.m.

CVE-2017-18205

2018-02-2722:29:00
CWE-476
[email protected]
web.nvd.nist.gov
49
zsh
cve-2017-18205
null pointer
sh compatibility
cd command

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.2%

JSON

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set.

CPENameOperatorVersion
zsh_project:zshzsh project zshlt5.4

Related

prion 1
ubuntucve 1
redhatcve 1
nessus 18
debiancve 1
photon 2
fedora 1
mageia 1
openvas 10
amazon 2
slackware 1
gentoo 1
oraclelinux 1
redhat 1
centos 1
ubuntu 1
suse 2
prion
prion
Null pointer dereference
2018-02-27 22:29:00
ubuntucve
ubuntucve
CVE-2017-18205
2018-02-27 00:00:00
redhatcve
redhatcve
CVE-2017-18205
2018-03-02 06:48:52
nessus
nessus
Photon OS 2.0: Zsh PHSA-2020-2.0-0222
2020-04-10 00:00:00
Fedora 26 : zsh (2018-9cdf18a850)
2018-03-21 00:00:00
Amazon Linux 2 : zsh (ALAS-2018-986)
2018-04-18 00:00:00
debiancve
debiancve
CVE-2017-18205
2018-02-27 22:29:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0222
2020-03-27 00:00:00
Important Photon OS Security Update - PHSA-2020-0222
2020-03-27 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: zsh-5.3.1-7.fc26
2018-03-20 17:37:50
mageia
mageia
Updated zsh packages fix security vulnerabilities
2018-03-14 19:21:20
openvas
openvas
Fedora Update for zsh FEDORA-2018-9cdf18a850
2018-03-21 00:00:00
Mageia: Security Advisory (MGASA-2018-0168)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2018-1090)
2020-01-23 00:00:00
amazon
amazon
Low: zsh
2018-04-05 16:13:00
Medium: zsh
2018-12-06 00:20:00
slackware
slackware
[slackware-security] zsh
2019-01-14 04:33:07
gentoo
gentoo
Zsh: Multiple vulnerabilities
2018-05-26 00:00:00
oraclelinux
oraclelinux
zsh security and bug fix update
2018-11-05 00:00:00
redhat
redhat
(RHSA-2018:3073) Moderate: zsh security and bug fix update
2018-10-30 04:16:11
centos
centos
zsh security update
2018-11-15 18:54:22
ubuntu
ubuntu
Zsh vulnerabilities
2018-03-08 00:00:00
suse
suse
Security update for zsh (important)
2018-04-25 18:07:15
Security update for zsh (important)
2018-04-27 00:07:15

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.2%

JSON
Related for CVE-2017-18205
prion1ubuntucve1redhatcve1nessus18debiancve1photon2fedora1mageia1openvas10amazon2slackware1gentoo1oraclelinux1redhat1centos1ubuntu1suse2