MiracleLinux 8 : ksh-20120801-253.el8 (AXSA:2020-169:04)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-169:04 advisory. ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection CVE-2019-14868 Tenable has extracted the...

MiracleLinux 4 : ksh-20120801-38.AXS4 (AXSA:2020-4474:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4474:01 advisory. ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection CVE-2019-14868 Tenable has extracted the...

SUSE SLES12 Security Update : ksh (SUSE-SU-2024:2756-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2756-1 advisory. - CVE-2019-14868: Fixed code injection due to environment variables on startup interpreted as arithmetic expression bsc1160796 Other fixes: ...

RHEL 5 : ksh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection...

Oracle Linux 8 : ksh (ELSA-2020-0559)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-0559 advisory. 20120801-253.0.1.el81 - Disable ASTnospawnveg for taskset workaround Orabug: 26754277 Red Hat Bug: 1295563 20120801-253 - Do not evaluate arithmetic expressions...

Mageia: Security Advisory (MGASA-2021-0141)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ksh (EulerOS-SA-2021-2142)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.2 : ksh (EulerOS-SA-2021-2142)

According to the version of the ksh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to...

Advisory ROSA-SA-2021-1860

Software: ksh 20120801 OS: Cobalt 7.9 CVE-ID: CVE-2019-14868 CVE-Crit: HIGH CVE-DESC: a bug was discovered in ksh version 20120801 in the way certain environment variables are evaluated. An attacker could exploit this vulnerability to override or bypass environment restrictions to execute shell...

Updated ksh packages fix security vulnerability

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

MGASA-2021-0141 Updated ksh packages fix security vulnerability

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

EulerOS 2.0 SP9 : ksh (EulerOS-SA-2021-1266)

According to the version of the ksh package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass...

EulerOS 2.0 SP9 : ksh (EulerOS-SA-2021-1247)

According to the version of the ksh package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass...

Huawei EulerOS: Security Advisory for ksh (EulerOS-SA-2021-1266)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ksh (EulerOS-SA-2021-1247)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : ksh (RHSA-2020:5352)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:5352 advisory. KornShell ksh is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell sh and includes many features o...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ksh Vulnerability (NS-SA-2020-0093)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ksh packages installed that are affected by a vulnerability: - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environme...

RHEL 7 : ksh (RHSA-2020:5351)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:5351 advisory. KornShell ksh is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell sh and includes many features o...

Important: Red Hat Security Advisory: ksh security update

An update for ksh is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

Huawei EulerOS: Security Advisory for ksh (EulerOS-SA-2020-2446)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...