Astra Linux - уязвимость в zsh

In zsh before version 5.8.1, an attacker can gain code execution if they control the command output within the prompt, as demonstrated by using a %F argument. This occurs due to the recursive PROMPTSUBST expansion...

EUVD-2014-1138

Malware in sbrugna...

Zsh 操作系统命令注入漏洞

Zsh is a command interpreter that can be used as a shell for interactive login and scripting. A security vulnerability exists in Zsh that stems from the recursive PROMPTSUBST extension. In zsh before 5.8.1, an attacker can achieve code execution by controlling the output of commands within the...

zsh utils.c:checkmailpath function stack buffer overflow vulnerability

Z Shell Zsh is a Unix shell that can be used as an interactive login shell and a shell script command interpreter. A stack buffer overflow vulnerability exists in the utils.c:checkmailpath function in zsh. A local attacker can exploit this vulnerability to execute arbitrary code in the context of...

UBUNTU-CVE-2018-1083

Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mention...