Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2006/02/01 12:0 a.m.29 views

Mandrake Linux Security Advisory : bzip2 (MDKSA-2006:026)

A bug was found in the way that bzgrep processed file names. If a user could be tricked into running bzgrep on a file with a special file name, it would be possible to execute arbitrary code with the privileges of the user running bzgrep. As well, the bzip2 package provided with Mandriva Linux 20...

4.6CVSS6AI score0.00529EPSS
Exploits1References2
securityvulns
securityvulns
added 2006/01/31 12:0 a.m.50 views

bzip2 bzgrep and gzip zgrep shell characters problem

Unfiltered characters in filename allow code execution...

4.2AI score
Exploits0References2Affected Software3
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.25 views

Ubuntu 4.10 / 5.04 : bzip2 vulnerability (USN-161-1)

USN-158-1 fixed a command injection vulnerability in the 'zgrep' utility. It was determined that the 'bzgrep' counterpart in the bzip2 package is vulnerable to the same flaw. bzgrep did not handle shell metacharacters like '|' and '&' properly when they occurred in input file names. This could be...

4.6CVSS5.8AI score0.00529EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2005/08/05 2:27 a.m.40 views

USN-161-1: bzip2 utility vulnerability

USN-158-1 fixed a command injection vulnerability in the "zgrep" utility. It was determined that the "bzgrep" counterpart in the bzip2 package is vulnerable to the same flaw. bzgrep did not handle shell metacharacters like '|' and '&' properly when they occurred in input file names. This could be...

4.6CVSS5.6AI score0.00529EPSS
Exploits1
Rows per page
Query Builder