12 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-2524
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rltropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a...
Mageia: Security Advisory (MGASA-2014-0319)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : readline (MDVSA-2015:132)
Updated readline packages fix security vulnerability : Steve Kemp discovered the rltropen function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks CVE-2014-2524. Also, upstream patches have been added to fix an infinite loop in v...
bash: security and bugfix update (critical)
bash was updated to fix a critical security issue, a minor security issue and bugs: In some circumstances, the shell would evaluate shellcode in environment variables passed at startup time. This allowed code execution by local or remote attackers who could pass environment variables to bash...
openSUSE Security Update : bash (openSUSE-SU-2014:1226-1) (Shellshock)
bash was updated to fix a critical security issue, a minor security issue and bugs : In some circumstances, the shell would evaluate shellcode in environment variables passed at startup time. This allowed code execution by local or remote attackers who could pass environment variables to bash...
CVE-2014-2524
CVE-2014-2524 affects the GNU readline library, specifically the _rl_tropen function in util.c prior to 6.3 patch 3. A local attacker can exploit a symlink to create or overwrite arbitrary files via /var/tmp/rltrace.[PID]. This is a local privilege escalation/vector issue. The documented remediat...
Mandriva Linux Security Advisory : readline (MDVSA-2014:154)
Updated readline packages fix security vulnerability : Steve Kemp discovered the rltropen function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks CVE-2014-2524. Also, upstream patches have been added to fix an infinite loop in v...
Updated readline packages fix security vulnerability
Steve Kemp discovered the rltropen function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks CVE-2014-2524. Also, upstream patches have been added to fix an infinite loop in vi input mode, and to fix an issue with slowness when...
Fedora Update for mingw-readline FEDORA-2014-6866
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-readline FEDORA-2014-6820
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : mingw-readline-6.2-4.fc20 (2014-6820)
Fix CVE-2014-2524 RHBZ 1077035 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 19 : mingw-readline-6.2-4.fc19 (2014-6866)
Fix CVE-2014-2524 RHBZ 1077035 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...