Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2020/10/19 12:0 a.m.32 views

Ubuntu 16.04 LTS : Newsbeuter vulnerabilities (USN-4585-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4585-1 advisory. It was discovered that Newsbeuter didn't handle the command line input properly. An remote attacker could use it to ran remote code by crafting a special...

9.3CVSS8.3AI score0.06404EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/10/16 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-4585-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.8AI score0.06404EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/10/15 10:14 p.m.60 views

USN-4585-1: Newsbeuter vulnerabilities

It was discovered that Newsbeuter didn't handle the command line input properly. An remote attacker could use it to ran remote code by crafting a special input file. CVE-2017-12904 It was discovered that Newsbeuter didn't handle metacharacters in its filename properly. An remote attacker could us...

9.3CVSS8.2AI score0.06404EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2018/01/26 12:9 a.m.63 views

Security update for newsbeuter (important)

This update for newsbeuter fixes one issues. This security issue was fixed: - CVE-2017-14500: Improper Neutralization of special elements allowed remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure that includes shell metacharacters in its...

6.8CVSS8.9AI score0.03078EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/01/26 12:0 a.m.28 views

openSUSE Security Update : newsbeuter (openSUSE-2018-92)

This update for newsbeuter fixes one issues. This security issue was fixed : - CVE-2017-14500: Improper Neutralization of special elements allowed remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure that includes shell metacharacters in its...

8.8CVSS8.4AI score0.03078EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/01/26 12:0 a.m.24 views

openSUSE: Security Advisory for newsbeuter (openSUSE-SU-2018:0229-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.8AI score0.03078EPSS
Exploits0References2
Debian
Debian
added 2017/09/21 9:21 p.m.22 views

[SECURITY] [DLA 1104-1] newsbeuter security update

Package : newsbeuter Version : 2.5-2+deb7u3 CVE ID : CVE-2017-14500 Debian Bug : 876004 It was discovered that podbeuter, the podcast fetcher in newsbeuter, a text-mode RSS feed reader, did not properly escape the name of the media enclosure the podcast file, allowing a remote attacker to run an...

8.8CVSS9.1AI score0.03078EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/09/19 12:0 a.m.32 views

Debian DSA-3977-1 : newsbeuter - security update

It was discovered that podbeuter, the podcast fetcher in newsbeuter, a text-mode RSS feed reader, did not properly escape the name of the media enclosure the podcast file, allowing a remote attacker to run an arbitrary shell command on the client machine. This is only exploitable if the file is...

8.8CVSS8AI score0.03078EPSS
Exploits0References5
Debian
Debian
added 2017/09/18 6:35 p.m.18 views

[SECURITY] [DSA 3977-1] newsbeuter security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3977-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 18, 2017 https://www.debian.org/security/faq -...

6.8CVSS2.5AI score0.03078EPSS
Exploits0
Debian
Debian
added 2017/09/18 6:35 p.m.17 views

[SECURITY] [DSA 3977-1] newsbeuter security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3977-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 18, 2017 https://www.debian.org/security/faq -...

8.8CVSS8.7AI score0.03078EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/09/17 5:29 a.m.20 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS7.6AI score0.03078EPSS
Exploits0References3
OSV
OSV
added 2017/09/17 5:29 a.m.19 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS8.9AI score
Exploits0References6
NVD
NVD
added 2017/09/17 5:29 a.m.13 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS8.9AI score0.03078EPSS
Exploits0References6
OSV
OSV
added 2017/09/17 5:29 a.m.2 views

ALPINE-CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS7.9AI score0.03078EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/09/17 5:0 a.m.40 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.9AI score0.03078EPSS
Exploits0References6
CVE
CVE
added 2017/09/17 5:0 a.m.114 views

CVE-2017-14500

CVE-2017-14500 concerns Newsbeuter/Podbeuter: improper neutralization of shell metacharacters in a podcast enclosure filename within an RSS item can enable user-assisted remote code execution. Affected range: Newsbeuter 0.3–2.9; exploitation relies on crafting a feed item with a malicious filenam...

8.8CVSS8.8AI score0.03078EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2017/09/17 5:0 a.m.20 views

CVE-2017-14500

Removed by vendor...

8.8CVSS8.7AI score0.03078EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2017/09/17 5:0 a.m.21 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS9AI score0.03078EPSS
Exploits0
ArchLinux
ArchLinux
added 2017/09/16 12:0 a.m.24 views

[ASA-201709-11] newsbeuter: arbitrary command execution

Arch Linux Security Advisory ASA-201709-11 ========================================== Severity: High Date : 2017-09-16 CVE-ID : CVE-2017-12904 CVE-2017-14500 Package : newsbeuter Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-401 Summary ======= The...

9.3CVSS2.9AI score0.06404EPSS
Exploits0References10
Rows per page
Query Builder