Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2017-14176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the...

10CVSS7.1AI score0.77823EPSS
Exploits10References2
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.46 views

CVE-2017-14176 affecting package bzr 2.7.0-

CVE-2017-14176 affecting package bzr 2.7.0-. No patch is available currently...

9.3CVSS9.9AI score0.05978EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.28 views

RHEL 6 : bzr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - bzr: does not strip bzr+ssh SSH options CVE-2017-14176 Note that Nessus has not tested for this issue but has inste...

8.8CVSS7.3AI score0.05978EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-3411-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.7AI score0.05978EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/02/22 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for bzr (EulerOS-SA-2021-1283)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.5AI score0.05978EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/02/05 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for bzr (EulerOS-SA-2021-1180)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.5AI score0.05978EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.51 views

EulerOS 2.0 SP5 : bzr (EulerOS-SA-2021-1180)

According to the version of the bzr package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash charact...

10CVSS7.6AI score0.77823EPSS
Exploits10References2
OSV
OSV
added 2018/06/01 10:36 a.m.9 views

SUSE-SU-2018:1489-1 Security update for bzr

Bzr was updated to fix a security issue: - CVE-2017-14176: Avoid code execution using ssh:// url injection boo1058214...

9.3CVSS9.3AI score0.05978EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.38 views

Debian: Security Advisory (DLA-1107-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.5AI score0.05978EPSS
Exploits0References3
Prion
Prion
added 2017/12/07 6:29 p.m.41 views

Design/Logic Flaw

httptransport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-14176,...

9.3CVSS8.6AI score0.77823EPSS
Exploits12References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/11/30 12:0 a.m.37 views

Debian DSA-4052-1 : bzr - security update

Adam Collard discovered that Bazaar, an easy to use distributed version control system, did not correctly handle maliciously constructed bzr+ssh URLs, allowing a remote attacker to run an arbitrary shell command. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...

9.3CVSS6.7AI score0.05978EPSS
Exploits0References6
Debian
Debian
added 2017/11/29 8:2 p.m.31 views

[SECURITY] [DSA 4052-1] bzr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4052-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 29, 2017 https://www.debian.org/security/faq -...

9.3CVSS8.8AI score0.05978EPSS
Exploits0
NVD
NVD
added 2017/11/27 10:29 a.m.26 views

CVE-2017-14176

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

9.3CVSS8.6AI score0.05978EPSS
Exploits0References7
OSV
OSV
added 2017/11/27 10:29 a.m.14 views

CVE-2017-14176

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

8.8CVSS9.1AI score0.05978EPSS
Exploits0References7
CVE
CVE
added 2017/11/27 10:0 a.m.234 views

CVE-2017-14176

CVE-2017-14176 affects Bazaar (bzr) 2.7.0 and earlier, via a vulnerability in subprocess SSH handling when using bzr+ssh URLs with an initial dash in the hostname. Connected data confirms the issue impacts the bzr 2.7.0- series; no patch is available currently. Exploitation details are not provid...

9.3CVSS9.2AI score0.05978EPSS
Exploits0References7Affected Software1
Debian
Debian
added 2017/09/23 1:39 p.m.30 views

[SECURITY] [DLA 1107-1] bzr security update

Package : bzr Version : 2.6.0bzr6526-1+deb7u1 CVE ID : CVE-2013-2099 CVE-2017-14176 Debian Bug : 709068 874429 CVE-2013-2099 Bazaar bundles SSL certificate checking code from Python, which had a bug that could cause a denial of service via resource consumption through multiple wildcards in...

9.3CVSS8.4AI score0.05978EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2017/09/12 7:48 a.m.43 views

CVE-2017-14176

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

10CVSS7.5AI score0.77823EPSS
Exploits12References1
Rows per page
Query Builder