4 matches found
UBUNTU-CVE-2014-1226
The pipeinitterminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-6876...
Re: possible bug in rcp...
On Wed, Nov 22, 2000 at 09:11:20AM +1100, Andrew Griffiths wrote: Here is a possible bug in rcp; since I think it calls system. I haven't had much time to play with this, because exama are coming up. It is negated because system calls /bin/cp which with the newer versions of bash, it drops it's...
possible rcp hole...
Here is a possible bug in rcp; since I think it calls system. I haven't had much time to play with this, because exama are coming up. It is negated because system calls /bin/cp which with the newer versions of bash, it drops it's effective credientals... $ ls -alF which rcp -rwsr-xr-x 1 root root...
PT-2014-9085 · Openbsd +10 · Openssh Sshd +11
Name of the Vulnerable Software and Affected Versions: bash versions prior to 4.3 bash-3.0 bash-3.2 bash-4.1.2 bash-4.2.45 bash-debuginfo bash-debuginfo-3.2 bash-debuginfo-4.1.2 bash-debuginfo-4.2.45 bash-debugsource bash-devel bash-doc bash-doc-4.1.2 bash-doc-4.2.45 bash-loadables...