12 matches found
SUSE: Security Advisory (SUSE-SU-2022:4253-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for busybox (openSUSE-SU-2022:0135-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:0135-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2559-1] busybox security update
Debian LTS Advisory DLA-2559-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 15, 2021 https://wiki.debian.org/LTS Package : busybox Version : 1:1.22.0-19+deb9u1 CVE ID : CVE-2011-5325 CVE-2015-9261 CVE-2016-2147 CVE-2016-2148 CVE-2017-15873 CVE-2017-165...
ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0013)
The remote VMware ESXi host is version 6.0, 6.5 or 6.7 and is affected the following vulnerabilities: - A remote code execution vulnerability caused by a failure to sanitize filenames in the tab autocomplete feature of BusyBox. This allows an attacker to execute arbitrary code, write arbitrary...
VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. (CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534)
3a. VMware ESXi 'busybox' command injection vulnerability- CVE-2017-16544 ESXi contains a command injection vulnerability due to the use of vulnerable version of busybox that does not sanitize filenames which may result into executing any escape sequence in the shell. VMware has evaluated the...
VMSA-2019-0013:VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities.
VMware Security Advisories Advisory ID| VMSA-2019-0013.1 ---|--- Advisory Severity| Important CVSSv3 Range| 4.2-7.7 Synopsis| VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534...
GLSA-201803-12 : BusyBox: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201803-12 BusyBox: Multiple vulnerabilities Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code...
CVE-2017-16544
In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...
CVE-2017-16544
In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...
CVE-2017-16544
In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...
CVE-2017-16544
CVE-2017-16544 affects BusyBox, specifically the add_match function in libbb/lineedit.c, where tab completion can execute an escape sequence in the terminal due to unsanitized filenames (vulnerable through 1.27.2). Multiple connected advisories confirm the issue and describe potential arbitrary c...