Lucene search
+L

76 matches found

UbuntuCve
UbuntuCve
added 2020/01/09 11:15 p.m.31 views

CVE-2019-20373

LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...

7.8CVSS7.1AI score0.00427EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/01/09 10:27 p.m.34 views

CVE-2019-20373

LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...

7.4AI score0.00427EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/01/09 10:27 p.m.53 views

CVE-2019-20373

Removed by vendor...

7.8CVSS7.6AI score0.00427EPSS
Exploits0
The Hacker News
The Hacker News
added 2019/10/11 10:20 a.m.127 views

UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked

A 39-year-old password of Ken Thompson, the co-creator of the UNIX operating system among, has finally been cracked that belongs to a BSD-based system, one of the original versions of UNIX, which was back then used by various computer science pioneers. In 2014, developer Leah Neukirchen spotted a...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/09/04 12:0 a.m.24 views

Scientific Linux Security Update : kdelibs and kde-settings on SL7.x x86_64 (20190903)

kdelibs: malicious desktop files and configuration files lead to code execution with minimal user interaction CVE-2019-14744 Bug Fixes: - kde.csh profile file contains bourne-shell code -- C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if...

7.8CVSS7.5AI score0.04069EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/03/26 12:0 a.m.77 views

Debian DLA-1726-1 : bash security update

Two issues have been fixed in bash, the GNU Bourne-Again Shell : CVE-2016-9401 The popd builtin segfaulted when called with negative out of range offsets. CVE-2019-9924 Sylvain Beucler discovered that it was possible to call commands that contained a slash when in restricted mode rbash by adding...

7.8CVSS6.5AI score0.00425EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2019/01/02 12:0 a.m.99 views

Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Hashicorp Consul Remote Command Execution via Rexec", 'Description' = %q This module exploits a feature of Hashicorp Consul named rexec. ,...

7.4AI score
Exploits0
Ubuntu
Ubuntu
added 2017/08/01 11:58 a.m.72 views

USN-3294-2: Bash vulnerability

USN-3294-1 fixed a vulnerability in Bash. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Bash incorrectly handled the SHELLOPTS and PS4 environment variables. A local attacker could use this issue to execute arbitrary code wit...

8.4CVSS6.9AI score0.00576EPSS
Exploits0
Veracode
Veracode
added 2017/01/10 5:4 a.m.13 views

Man In The Middle (Mitm)

bourne is vulnerable to man-in-the-middle MitM attacks. The rubygems source is deprecated because HTTP requests are insecure. A malicious user can potentially compromise the source to conduct man-in-the-middle attacks...

6.6AI score
Exploits0
Lenovo
Lenovo
added 2016/11/16 12:0 a.m.43 views

GNU Bourne-Again Shell (Bash) 'Shellshock' - Lenovo Support US

No description provided...

9.9AI score
Exploits0
Fedora
Fedora
added 2016/10/13 2:58 a.m.30 views

[SECURITY] Fedora 23 Update: bash-4.3.42-5.fc23

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

8.4CVSS1.2AI score0.00576EPSS
Exploits0
Fedora
Fedora
added 2016/10/09 3:10 a.m.35 views

[SECURITY] Fedora 25 Update: bash-4.3.43-4.fc25

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

8.4CVSS1.2AI score0.00576EPSS
Exploits0
Fedora
Fedora
added 2016/09/25 8:49 p.m.37 views

[SECURITY] Fedora 23 Update: bash-4.3.42-4.fc23

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

7.5CVSS1.2AI score0.06019EPSS
Exploits0
Fedora
Fedora
added 2016/09/24 3:15 p.m.51 views

[SECURITY] Fedora 25 Update: bash-4.3.43-3.fc25

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

7.5CVSS1.2AI score0.06019EPSS
Exploits0
Fedora
Fedora
added 2016/09/23 4:20 p.m.45 views

[SECURITY] Fedora 24 Update: bash-4.3.42-6.fc24

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

7.5CVSS1.2AI score0.06019EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.9 views

Vulnerability of Cisco Nexus 7000 software, allowing attackers to access confidential information

The GNU Bash command shell, as of version 4.3 bash43-025 and later, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other undefined actions...

10CVSS8.3AI score0.9994EPSS
Exploits18References2
Fedora
Fedora
added 2015/04/30 11:46 a.m.18 views

[SECURITY] Fedora 21 Update: mksh-50f-1.fc21

mksh is the MirBSD enhanced version of the Public Domain Korn shell pdksh, a bourne-compatible shell which is largely similar to the original AT&T Korn shell. It includes bug fixes and feature improvements in order to produce a modern, robust shell good for interactive and especially script use,...

2.8AI score
Exploits0
Fedora
Fedora
added 2015/04/30 11:37 a.m.15 views

[SECURITY] Fedora 20 Update: mksh-50f-1.fc20

mksh is the MirBSD enhanced version of the Public Domain Korn shell pdksh, a bourne-compatible shell which is largely similar to the original AT&T Korn shell. It includes bug fixes and feature improvements in order to produce a modern, robust shell good for interactive and especially script use,...

2.8AI score
Exploits0
Fedora
Fedora
added 2015/04/26 12:45 p.m.21 views

[SECURITY] Fedora 22 Update: mksh-50f-1.fc22

mksh is the MirBSD enhanced version of the Public Domain Korn shell pdksh, a bourne-compatible shell which is largely similar to the original AT&T Korn shell. It includes bug fixes and feature improvements in order to produce a modern, robust shell good for interactive and especially script use,...

2.8AI score
Exploits0
Fedora
Fedora
added 2014/10/10 4:8 p.m.24 views

[SECURITY] Fedora 20 Update: mksh-50c-1.fc20

mksh is the MirBSD enhanced version of the Public Domain Korn shell pdksh, a bourne-compatible shell which is largely similar to the original AT&T Korn shell. It includes bug fixes and feature improvements in order to produce a modern, robust shell good for interactive and especially script use,...

2.8AI score
Exploits0
Rows per page
Query Builder