Siemens Ruggedcom ROX OS Command Injection (CVE-2022-48624)

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504890;...

close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.

...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.100187)

The version of AHV installed on the remote host is prior to 20230302.102005. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.100187 advisory. - A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the...

ROS-20240607-02

Vulnerability of closealtfile function for text terminals of UNIX-like Less systems is related to skipping Shellquote calls for LESSCLOSE in filename.c file. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-1789)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-1716)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.1 : less (EulerOS-SA-2024-1716)

According to the versions of the less package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE.CVE-2022-48624 Tenable has extracted the preceding...

CLSA-2024-1714065925 less: Fix of CVE-2022-48624

Fix CVE-2022-48624: filename.c closealtfile: before 606 omits shellquote calls for LESSCLOSE...

less: missing quoting of shell metacharacters in LESSCLOSE handling

A flaw was found in less. The closealtfile function in filename.c omits shellquote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system...

SUSE SLES15 Security Update : less (SUSE-SU-2024:1190-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1190-1 advisory. - closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. CVE-2022-48624 Note that Nessus has not tested for thi...

Important: less

Issue Overview: closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. CVE-2022-48624 Affected Packages: less Issue Correction: Run yum update less or yum update --advisory ALAS-2024-1924 to update your system. New Packages: i686: less-436-13.13.amzn1.i686 ...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : less vulnerability (USN-6664-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by a vulnerability as referenced in the USN-6664-1 advisory. It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

DEBIAN-CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

UBUNTU-CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

Less Security Breach

Less is a text-finding application open-sourced by gwsw. A security vulnerability exists in versions prior to Less 606, which stems from the fact that closealtfile in filename.c omits the shellquote call to LESSCLOSE...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

CVE-2022-48624

CVE-2022-48624 affects the less utility (filename.c close_altfile) in versions prior to 606, where shell_quote handling for LESSCLOSE is omitted, enabling potential local command-injection via crafted filenames. Connected sources confirm the issue and show remediation guidance: upgrade to less 60...