
2646 matches found

Tenable Nessus
added 2023/01/05 12:0 a.m. | 16 views

EulerOS 2.0 SP11 : bash (EulerOS-SA-2023-1026)

According to the versions of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A flaw was found in the bash package, where a heap-buffer overflow can occur in valid_parameter_transform. This issue may lead to memory problems...

7.8 CVSS | 7.5 AI score | 0.00039 EPSS
Exploits: 1 | References: 2
0day.today
added 2022/12/24 12:0 a.m. | 318 views

macOS/x64 Execve Caesar Cipher String Null-Free Shellcode (286 bytes)

Shellcode Title: macOS/x64 - Execve Caesar Cipher String Null-Free Shellcode 286 Bytes Shellcode Author: Bobby Cooke boku @0xBoku github.com/boku7 Tested on: macOS Monterey; 21.6.0 Darwin Kernel Version; x86_64 Shellcode Description: macOS 64 bit shellcode. Uses execve syscall to spawn bash. The...

0.2 AI score
Exploits: 0
0day.today
added 2022/12/24 12:0 a.m. | 315 views

macOS/x64 Execve Null-Free Shellcode (253 bytes)

Shellcode Title: macOS/x64 - Execve Null-Free Shellcode 253 Bytes Shellcode Author: Bobby Cooke boku @0xBoku github.com/boku7 Date: 12/20/2022 Tested on: macOS Monterey; 21.6.0 Darwin Kernel Version; x86_64 Shellcode Description: macOS 64 bit shellcode. Uses execve syscall to spawn bash. The strin...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2022/12/23 12:0 a.m. | 11 views

Fedora 36 : bash (2022-4ff296fe8e)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-4ff296fe8e advisory. Add a null check in parameter_brace_transform function Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

5.6 AI score
Exploits: 0 | References: 1
Tenable Nessus
added 2022/12/22 12:0 a.m. | 5 views

Fedora 35 : bash (2022-5b644a935b)

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-5b644a935b advisory. Add a null check in parameter_brace_transform function Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

5.6 AI score
Exploits: 0 | References: 1
Tenable Nessus
added 2022/12/10 12:0 a.m. | 33 views

Amazon Linux 2022 : git (ALAS2022-2022-236)

The version of git installed on the remote host is prior to 2.37.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-236 advisory. - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on...

7.8 CVSS | 7.4 AI score | 0.00168 EPSS
Exploits: 0 | References: 5
GithubExploit
added 2022/12/07 2:58 a.m. | 1 views

Exploit for Incorrect Default Permissions in Askey Rtf3505Vw-N1_Firmware

Privilege-escalation-ASKEY-Router-RTF3505VW-N1 CVE-2022-47040...

7.8 CVSS | 7.8 AI score | 0.00041 EPSS
Exploits: 2
Tenable Nessus
added 2022/12/07 12:0 a.m. | 27 views

Amazon Linux 2 : util-linux (ALAS-2022-1878)

The version of util-linux installed on the remote host is prior to 2.30.2-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1878 advisory. A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability...

7.8 CVSS | 7.8 AI score | 0.00052 EPSS
Exploits: 0 | References: 3
Amazon
added 2022/12/06 12:0 a.m. | 25 views

Medium: util-linux

Issue Overview: A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability to mount a filesystem with custom mount points may execute arbitrary commands on behalf of the user who triggers the umount autocompletion. CVE-2018-7738...

7.8 CVSS | 8.4 AI score | 0.00052 EPSS
Exploits: 0
Veracode
added 2022/12/04 11:21 p.m. | 26 views

Heap Buffer Overflow

bash is vulnerable to a heap buffer overflow. The vulnerability exists in valid_parameter_transform function of subst.c which allows an attacker to crash the system through potentially exploit heap corruption via a malicious HTML page...

7.8 CVSS | 7.8 AI score | 0.00039 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
Hacker One
added 2022/11/28 3:59 a.m. | 25 views

Ian Dunn: Double evaluation in .bash_prompt of dotfiles allows a malicious repository to execute arbitrary commands

Summary Due to the improper usage of the PS1 environment variable in .bash_prompt of dotfiles, a malicious repository can execute arbitrary commands when changed the current directory to it. Description The PS1 environment variable of bash supports command substitutions. For example, setting PS1 t...

1.3 AI score
Exploits: 0
OSV
added 2022/11/18 11:4 a.m. | 1 views

OESA-2022-2100 bash security update

Bash is the GNU Project's shell. Bash is the Bourne Again SHell. Bash is an sh-compatible shell that incorporates useful features from the Korn shell ksh and C shell csh. It is intended to conform to the IEEE POSIX P1003.2/ISO 9945.2 Shell and Tools standard. It offers functional improvements ove...

7.8 CVSS | 6.9 AI score | 0.00039 EPSS
Exploits: 1 | References: 2
GithubExploit
added 2022/11/17 5:24 p.m. | 533 views

Exploit for Improper Input Validation in Imagemagick

Container Escape Exploit This is a container escape exploit t...

10 CVSS | 8.3 AI score | 0.93622 EPSS
Exploits: 22
Veracode
added 2022/11/15 6:46 a.m. | 20 views

Arbitrary Code Execution

apacheairflow is vulnerable to arbitrary code execution. The vulnerability exists in example DAGs of example_bash_operator.py which allows an attacker to execute arbitrary commands via the manually provided run_id parameter...

8.8 CVSS | 9.1 AI score | 0.93305 EPSS
Exploits: 2 | References: 6 | Affected Software: 1
BDU FSTEC
added 2022/11/11 12:0 a.m. | 0 views

The vulnerability of the valid_parameter_transform function in the Bash operating system of Red Hat Enterprise Linux allows a hacker to execute arbitrary code.

The vulnerability of the valid_parameter_transform function in the Bash library of the Red Hat Enterprise Linux operating system is related to operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

5.5 CVSS | 0.00039 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
Prion
added 2022/11/07 4:15 a.m. | 15 views

Code injection

An issue was discovered in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote attacker to execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters. As a result, arbitrary data goes directly to...

6.5 CVSS | 8.9 AI score | 0.00729 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2022/11/07 12:0 a.m. | 59 views

CVE-2022-44794

CVE-2022-44794 affects Object First Ootbi BETA, versions 1.0.7.712 through 1.0.13.1610. The root cause is an input validation flaw in the hostname-setting command within the management protocol, allowing a remote attacker with credentials to pass arbitrary data to Bash, enabling arbitrary code ex...

8.8 CVSS | 8.8 AI score | 0.00729 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Positive Technologies
added 2022/11/07 12:0 a.m. | 3 views

PT-2022-27314 · Unknown · Object First Ootbi Beta

Name of the Vulnerable Software and Affected Versions: Object First Ootbi BETA versions 1.0.7.712 through 1.0.13.1610 Description: An issue was discovered in the management protocol, allowing a remote attacker to execute arbitrary Bash code with root privileges. The command that sets the hostname...

8.8 CVSS | 8.8 AI score | 0.00729 EPSS
Exploits: 0 | References: 5
Vulnrichment
added 2022/11/07 12:0 a.m. | 5 views

CVE-2022-44794

An issue was discovered in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote attacker to execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters. As a result, arbitrary data goes directly to...

7.8 AI score | 0.00729 EPSS
Exploits: 0 | References: 1
CNNVD
added 2022/11/07 12:0 a.m. | 3 views

Object First Security Vulnerability

Object First is a Veeam best-of-breed storage solution from Object First. A security vulnerability exists in Object First version 1.0.7.712, which stems from the command to set the hostname not validating the input parameters, resulting in arbitrary data that can be directed to the Bash...

8.8 CVSS | 8.4 AI score | 0.00729 EPSS
Exploits: 0 | References: 2