Lucene search
K

61 matches found

RedHat Linux
RedHat Linux
added 2020/05/19 10:43 p.m.7 views

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

7.8CVSS6AI score0.01385EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/06 4:56 p.m.8 views

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

7.8CVSS6AI score0.01385EPSS
Exploits0References4
OSV
OSV
added 2020/04/02 5:15 p.m.3 views

UBUNTU-CVE-2019-14868

In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those...

7.8CVSS5.8AI score0.01385EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.27 views

Fedora: Security Advisory for zsh (FEDORA-2020-9009363f0f)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.9AI score0.00495EPSS
Exploits0References2
Fedora
Fedora
added 2020/03/12 9:57 p.m.47 views

[SECURITY] Fedora 31 Update: zsh-5.7.1-6.fc31

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...

7.8CVSS0.8AI score0.00495EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/02/24 9:5 a.m.5 views

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

7.8CVSS6AI score0.01385EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/02/20 10:19 a.m.5 views

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

7.8CVSS6AI score0.01385EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2020/02/20 12:0 a.m.49 views

ksh security update

20120801-253.0.1.el81 - Disable ASTnospawnveg for taskset workaround Orabug: 26754277 Red Hat Bug: 1295563 20120801-253 - Do not evaluate arithmetic expressions from environment variables at startup Resolves: 1790546...

7.8CVSS1.5AI score0.01385EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/02/17 9:3 a.m.12 views

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

7.8CVSS6AI score0.01385EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/02/05 12:15 p.m.6 views

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

7.8CVSS6AI score0.01385EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/12/13 12:0 a.m.3 views

PT-2020-9609 · Ksh +3 · Ksh +3

Name of the Vulnerable Software and Affected Versions: ksh version 20120801 Description: A flaw was found in the way ksh evaluates certain environment variables, allowing an attacker to override or bypass environment restrictions to execute shell commands. Services and applications that allow...

7.8CVSS7AI score0.01385EPSS
Exploits0References51
Fedora
Fedora
added 2016/09/25 8:49 p.m.37 views

[SECURITY] Fedora 23 Update: bash-4.3.42-4.fc23

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

7.5CVSS1.2AI score0.06019EPSS
Exploits0
Fedora
Fedora
added 2016/09/23 4:20 p.m.45 views

[SECURITY] Fedora 24 Update: bash-4.3.42-6.fc24

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

7.5CVSS1.2AI score0.06019EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/11/03 12:0 a.m.25 views

GLSA-201511-01 : MirBSD Korn Shell: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201511-01 MirBSD Korn Shell: Arbitrary code execution Improper sanitation of environment import allows for appending of values to passed parameters. Impact : An attacker who already had access to the environment could so append...

5.7AI score
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2015/11/02 12:0 a.m.20 views

MirBSD Korn Shell: Arbitrary code execution

Background MirBSD Korn Shell is an actively developed free implementation of the Korn Shell programming language and a successor to the Public Domain Korn Shell. Description Improper sanitation of environment import allows for appending of values to passed parameters. Impact An attacker who alrea...

3AI score
Exploits0
Fedora
Fedora
added 2015/04/30 11:46 a.m.18 views

[SECURITY] Fedora 21 Update: mksh-50f-1.fc21

mksh is the MirBSD enhanced version of the Public Domain Korn shell pdksh, a bourne-compatible shell which is largely similar to the original AT&T Korn shell. It includes bug fixes and feature improvements in order to produce a modern, robust shell good for interactive and especially script use,...

2.8AI score
Exploits0
Fedora
Fedora
added 2015/04/26 12:45 p.m.21 views

[SECURITY] Fedora 22 Update: mksh-50f-1.fc22

mksh is the MirBSD enhanced version of the Public Domain Korn shell pdksh, a bourne-compatible shell which is largely similar to the original AT&T Korn shell. It includes bug fixes and feature improvements in order to produce a modern, robust shell good for interactive and especially script use,...

2.8AI score
Exploits0
Fedora
Fedora
added 2014/10/10 4:0 p.m.17 views

[SECURITY] Fedora 19 Update: mksh-50c-1.fc19

mksh is the MirBSD enhanced version of the Public Domain Korn shell pdksh, a bourne-compatible shell which is largely similar to the original AT&T Korn shell. It includes bug fixes and feature improvements in order to produce a modern, robust shell good for interactive and especially script use,...

2.8AI score
Exploits0
Fedora
Fedora
added 2014/10/05 8:13 a.m.57 views

[SECURITY] Fedora 20 Update: bash-4.2.51-2.fc20

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

10CVSS1.2AI score0.9994EPSS
Exploits17
Fedora
Fedora
added 2014/09/27 10:3 a.m.57 views

[SECURITY] Fedora 21 Update: bash-4.3.22-3.fc21

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

10CVSS1.2AI score0.99999EPSS
Exploits131
Rows per page
Query Builder