10 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-1395
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with t...
RHEL 7 : patch (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - patch: directory traversal via file rename CVE-2015-1395 - GNU patch 2.7.1 allows remote attackers to wri...
SUSE: Security Advisory (SUSE-SU-2015:1019-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2019-1863)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : patch (EulerOS-SA-2019-2004)
According to the versions of the patch package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrar...
CVE-2015-1395
CVE-2015-1395 is a directory traversal vulnerability in GNU patch that affects versions before 2.7.3. An attacker can write to arbitrary files with the permissions of the target user via a .. in a diff file name. The vulnerability is referenced in multiple advisories across Linux distros (e.g., E...
USN-2651-1: GNU patch vulnerabilities
Jakub Wilk discovered that GNU patch did not correctly handle file paths in patch files. An attacker could specially craft a patch file that could overwrite arbitrary files with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. CVE-2010-4651 László...
Mandriva Linux Security Advisory : patch (MDVSA-2015:050)
Updated patch package fixes security vulnerabilities : It was reported that a crafted diff file can make patch eat memory and later segfault CVE-2014-9637. It was reported that the versions of the patch utility that support Git-style patches are vulnerable to a directory traversal flaw. This coul...
[ MDVSA-2015:050 ] patch
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:050 http://www.mandriva.com/en/support/security/ Package : patch Date : March 2, 2015 Affected: Business Server 1.0 Problem Description: Updated patch package fixes security vulnerabilities: It was reported...
CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. dot dot in a diff file name...