96 matches found
The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the bash package in the SUSE Linux Enterprise operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
Ubuntu: Security Advisory (USN-2380-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : bash-4.2.51-2.fc20 (2014-12202)
Swapping Florian's unofficial patches for those released by bash upstream. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducin...
Fedora Update for bash FEDORA-2014-11503
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2364-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : bash-4.3.25-2.fc21 (2014-11718) (Shellshock)
Fix for CVE-2014-7169 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora 19 : bash-4.2.48-2.fc19 (2014-11514) (Shellshock)
This build should fix CVE-2014-7169 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
Fedora 19 : bash-4.2.47-2.fc19 (2014-11503)
Disclosure - http://www.openwall.com/lists/oss-security/2014/09/24/10 Behaviour prior to patch : $ env x=' :;; echo OOPS' bash -c /usr/sbin/nologin OOPS This account is currently not available. Note that Tenable Network Security has extracted the preceding description block directly from the Fedo...
bash (rebuild for Slackware 13.0 only)
New bash packages are available for Slackware 13.0 to fix a security issue. Here are the details from the Slackware 13.0 ChangeLog: patches/packages/bash-3.1.018-i486-3slack13.0.txz: Rebuilt. The patch for CVE-2014-7169 needed to be rebased against bash-3.1 in order to apply correctly. Thanks to ...
CentOS Update for bash CESA-2014:1293 centos7
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 5 : bash (RHSA-2011:1073)
An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives...
Code injection
The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LSOPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename...
CVE-2010-0002
The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LSOPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename...
CVE-2010-0002
The Red Hat/Mandriva family advisories confirm CVE-2010-0002 affects Mandriva’s Bash packages where /etc/profile.d/60alias.sh enables --show-control-chars in LS_OPTIONS, allowing local users to craft filenames that inject terminal escape sequences or hide files. Impact is local, with potential di...
CVE-2010-0002
The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LSOPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename...
Mandriva Linux Security Advisory : bash (MDVSA-2010:004)
A vulnerability have been discovered in Mandriva bash package, which could allow a malicious user to hide files from the ls command, or garble its output by crafting files or directories which contain special characters or escape sequences CVE-2010-0002. This update fixes the issue by disabling t...