Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2017-18205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if...

8.1CVSS6.7AI score0.02124EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.23 views

RHEL 5 : zsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: buffer overrun in symlinks CVE-2017-18206 - In builtin.c in zsh before 5.4, when sh compatibility mo...

8.4AI score0.03223EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.27 views

RHEL 6 : zsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: Improper handling of shebang line longer than 64 CVE-2018-13259 - In builtin.c in zsh before 5.4, wh...

7.6AI score0.02723EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/03/17 12:0 a.m.53 views

SUSE SLES11 Security Update : zsh (SUSE-SU-2022:14910-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14910-1 advisory. - zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment instead of treating them as...

9.8CVSS7.9AI score0.03223EPSS
Exploits0References37
OpenVAS
OpenVAS
added 2022/03/15 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2022:14910-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.03223EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2020/04/10 12:0 a.m.21 views

Photon OS 2.0: Zsh PHSA-2020-2.0-0222

An update of the zsh package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0222. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid135302;...

8.1CVSS7.4AI score0.02124EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2018-1090)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.9AI score0.03223EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2018-1091)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.9AI score0.03223EPSS
Exploits0References2
Slackware Linux
Slackware Linux
added 2019/01/14 4:33 a.m.120 views

[slackware-security] zsh

New zsh packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/zsh-5.6.2-i586-1slack14.2.txz: Upgraded. This release fixes security issues, including ones that could allow a local attacker to execu...

9.8CVSS0.5AI score0.03223EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/01/14 12:0 a.m.51 views

Slackware 14.0 / 14.1 / 14.2 : zsh (SSA:2019-013-01)

New zsh packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2019-013-01. The text itself is copyright C Slackware Linux, Inc...

9.8CVSS6.8AI score0.03223EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.25 views

Scientific Linux Security Update : zsh on SL7.x x86_64 (20181030)

Security Fixes : - zsh: Stack-based buffer overflow in genmatchesfiles at compctl.c CVE-2018-1083 - zsh: buffer overflow for very long fds in & fd syntax CVE-2014-10071 - zsh: buffer overflow when scanning very long directory paths for symbolic links CVE-2014-10072 - zsh: NULL dereference in cd i...

9.8CVSS7.9AI score0.03223EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2018/11/07 12:0 a.m.42 views

Oracle Linux 7 : zsh (ELSA-2018-3073)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3073 advisory. - fix defects detected by Coverity related to CVE-2017-18206 and CVE-2018-1083 - fix stack-based buffer overflow in utils.c:checkmailpath CVE-2018-1100...

9.8CVSS7.5AI score0.03223EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2018/10/30 9:54 a.m.73 views

Moderate: Red Hat Security Advisory: zsh security and bug fix update

An update for zsh is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS7.3AI score0.03223EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2018/05/29 12:0 a.m.31 views

GLSA-201805-10 : Zsh: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201805-10 Zsh: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Zsh. Please review the CVE identifiers referenced below for details. Impact : A local attacker could execute arbitrary code, escalate...

9.8CVSS7.3AI score0.03223EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2018/04/27 12:0 a.m.32 views

openSUSE: Security Advisory for zsh (openSUSE-SU-2018:1093-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.2AI score0.03223EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/27 12:0 a.m.30 views

openSUSE Security Update : zsh (openSUSE-2018-399)

This update for zsh fixes the following issues : - CVE-2014-10070: environment variable injection could lead to local privilege escalation bnc1082885 - CVE-2014-10071: buffer overflow in exec.c could lead to denial of service. bnc1082977 - CVE-2014-10072: buffer overflow In utils.c when scanning...

9.8CVSS7.1AI score0.03223EPSS
Exploits0References19
Amazon
Amazon
added 2018/04/05 12:0 a.m.32 views

Low: zsh

Issue Overview: NULL dereference in cd in sh compatibility mode under given circumstances In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set. CVE-2017-18205 Null-pointer...

9.8CVSS9.2AI score0.03223EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/03/21 12:0 a.m.36 views

Fedora 26 : zsh (2018-9cdf18a850)

avoid crash when copying empty hash table CVE-2018-7549 - avoid NULL dereference when using $PA... on an empty array CVE-2018-7548 - fix buffer overrun in xsymlinks CVE-2017-18206 - fix NULL dereference in cd CVE-2017-18205 Note that Tenable Network Security has extracted the preceding...

9.8CVSS7.1AI score0.03223EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2018/03/02 6:48 a.m.22 views

CVE-2017-18205

A NULL pointer dereference flaw was found in the code responsible for the cd builtin command of the zsh package. An attacker could use this flaw to cause a denial of service by crashing the user shell...

8.1CVSS2.4AI score0.02124EPSS
Exploits0References1
CVE
CVE
added 2018/02/27 10:0 p.m.96 views

CVE-2017-18205

CVE-2017-18205 affects zsh (before 5.4): in sh compatibility mode, there is a NULL pointer dereference when executing cd with no argument if HOME is not set. This is linked across multiple advisories (e.g., Red Hat, SUSE, MiracleLinux, VMware Photon) as a vulnerability in zsh; the connected docum...

8.1CVSS6.4AI score0.02124EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder