Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2014-2524

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rltropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a...

3.3CVSS7.6AI score0.00432EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2014-0319)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS9.6AI score0.00432EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.27 views

Mandriva Linux Security Advisory : readline (MDVSA-2015:132)

Updated readline packages fix security vulnerability : Steve Kemp discovered the rltropen function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks CVE-2014-2524. Also, upstream patches have been added to fix an infinite loop in v...

3.3CVSS7.5AI score0.00432EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/28 12:4 p.m.46 views

bash: security and bugfix update (critical)

bash was updated to fix a critical security issue, a minor security issue and bugs: In some circumstances, the shell would evaluate shellcode in environment variables passed at startup time. This allowed code execution by local or remote attackers who could pass environment variables to bash...

10CVSS0.6AI score0.99999EPSS
Exploits131References3
Tenable Nessus
Tenable Nessus
added 2014/09/25 12:0 a.m.64 views

openSUSE Security Update : bash (openSUSE-SU-2014:1226-1) (Shellshock)

bash was updated to fix a critical security issue, a minor security issue and bugs : In some circumstances, the shell would evaluate shellcode in environment variables passed at startup time. This allowed code execution by local or remote attackers who could pass environment variables to bash...

10CVSS8.5AI score0.99999EPSS
Exploits131References6
CVE
CVE
added 2014/08/20 2:0 p.m.76 views

CVE-2014-2524

CVE-2014-2524 affects the GNU readline library, specifically the _rl_tropen function in util.c prior to 6.3 patch 3. A local attacker can exploit a symlink to create or overwrite arbitrary files via /var/tmp/rltrace.[PID]. This is a local privilege escalation/vector issue. The documented remediat...

3.3CVSS8.3AI score0.00432EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/08/07 12:0 a.m.27 views

Mandriva Linux Security Advisory : readline (MDVSA-2014:154)

Updated readline packages fix security vulnerability : Steve Kemp discovered the rltropen function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks CVE-2014-2524. Also, upstream patches have been added to fix an infinite loop in v...

3.3CVSS7.5AI score0.00432EPSS
Exploits0References2
Mageia
Mageia
added 2014/08/06 10:31 a.m.32 views

Updated readline packages fix security vulnerability

Steve Kemp discovered the rltropen function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks CVE-2014-2524. Also, upstream patches have been added to fix an infinite loop in vi input mode, and to fix an issue with slowness when...

3.3CVSS8.9AI score0.00432EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/06/17 12:0 a.m.24 views

Fedora Update for mingw-readline FEDORA-2014-6866

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS9.5AI score0.00432EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/06/17 12:0 a.m.24 views

Fedora Update for mingw-readline FEDORA-2014-6820

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS9.5AI score0.00432EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/06/10 12:0 a.m.26 views

Fedora 20 : mingw-readline-6.2-4.fc20 (2014-6820)

Fix CVE-2014-2524 RHBZ 1077035 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

3.3CVSS7.5AI score0.00432EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/06/10 12:0 a.m.20 views

Fedora 19 : mingw-readline-6.2-4.fc19 (2014-6866)

Fix CVE-2014-2524 RHBZ 1077035 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

3.3CVSS7.5AI score0.00432EPSS
Exploits0References2
Rows per page
Query Builder