28 matches found
[SECURITY] Fedora 20 Update: fwsnort-1.6.4-1.fc20
fwsnort translates Snort rules into equivalent iptables rules and generates a Bourne shell script that implements the resulting iptables commands. In addition, fwsnort optionally uses the IPTables::Parse module to parse the iptables ruleset on the machine to determine which Snort rules are applic...
Mandrake Linux Security Advisory : man (MDKSA-2000:015)
Internet Security Systems ISS X-Force has identified a vulnerability in the makewhatis Bourne shell script that ships with many Linux distributions. It is found in versions 1.5e and higher of man, and handles temporary files insecurely. Local users may gain a variety of privileges depending on th...
CVE-2006-1780
The Bourne shell sh in Solaris 8, 9, and 10 allows local users to cause a denial of service sh crash via an unspecified attack vector that causes sh processes to crash during creation of temporary files...
Code injection
The Bourne shell sh in Solaris 8, 9, and 10 allows local users to cause a denial of service sh crash via an unspecified attack vector that causes sh processes to crash during creation of temporary files...
CVE-2006-1780
CVE-2006-1780 is a local DoS in the Bourne shell on SunOS/Solaris (Solaris 8, 9, 10) caused by a flaw during temporary-file creation that makes sh (and related shells like jsh/rsh/pfsh) crash. Connected advisories reference Solaris patch updates: 109324-10/109325-10 for Solaris 8, 9; 118535-06/11...
CVE-2006-1780
The Bourne shell sh in Solaris 8, 9, and 10 allows local users to cause a denial of service sh crash via an unspecified attack vector that causes sh processes to crash during creation of temporary files...
Generic Shell Variable Substitution Command Encoder
This encoder uses standard Bourne shell variable substitution tricks to avoid commonly restricted characters. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Generic Shell Variable Substitution...
/bin/ksh creates insecure tmp files
Recently I reported that, similarly to the recently discussed tcsh vulnerability, the Bourne shell /bin/sh creates temporary files in an insecure way: http://www.securityfocus.com/templates/archive.pike?list=1&[email protected] At the time I also tested the Korn...