EulerOS 2.0 SP2 : bash (EulerOS-SA-2017-1164)

According to the versions of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute...

Medium: bash

Issue Overview: popd controlled free: A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session.CVE-2016-9401 Arbitrary code execution via malicious...

CVE-2016-0634

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine...

DEBIAN-CVE-2016-0634

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine...

ALPINE-CVE-2016-0634

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine...

CVE-2016-0634

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine...

CVE-2016-0634

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine...

CVE-2016-0634

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine...

CVE-2016-0634

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine...

CVE-2016-0634

CVE-2016-0634 concerns Bash 4.3 where expansion of '\h' in the prompt string can trigger arbitrary code execution when a hostname contains shell metacharacters. The vulnerability is triggered by a remote attacker with authenticated access (e.g., via DHCP-influenced hostname) and can result in arb...

CentOS 7 : bash (CESA-2017:1931)

An update for bash is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

bash security update

CentOS Errata and Security Advisory CESA-2017:1931 An update for bash is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Scientific Linux Security Update : bash on SL7.x x86_64 (20170801)

Security Fixes : - An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. CVE-2016-0634 - An arbitrary command...

Automate Linux Swap Analysis: swap_digger

swapdigger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc. Download Use the following...

Highly Customizable Raspberry Pi USB Attack Platform: P4wnP1

P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W required for HID backdoor. Introduction the Windows LockPicker unlock Windows boxes with weak passwords, fully automated by attaching P4wnP1 the HID covert channel backdoor Get remote...

See my how-to the Apache fuzzing and dig to a value of 1500 knife of vulnerability-vulnerability warning-the black bar safety net

Target In the AFL in the view of the Apache httpd server's crash logs, I found a lot of problems. For example, some crash testing with example in fuzz testing tools internal collapse, but also affect the test program stability. In this article, I will talk to you to explain the test case to crash...

Oracle Linux 7 : bash (ELSA-2017-1931)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-1931 advisory. - CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd Resolves: 1429838 - CVE-2016-7543: Fix for arbitrary code execution via...

RedHat Update for bash RHSA-2017:1931-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : bash (RHSA-2017:1931)

An update for bash is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

bash: Arbitrary code execution via malicious hostname

An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances...