34 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-1071
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd function. A local attacker could exploit this to cause a denial o...
RHEL 5 : zsh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: buffer overrun in symlinks CVE-2017-18206 - In builtin.c in zsh before 5.4, when sh compatibility mo...
RHEL 6 : zsh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: Improper handling of shebang line longer than 64 CVE-2018-13259 - In builtin.c in zsh before 5.4, wh...
SUSE SLES11 Security Update : zsh (SUSE-SU-2022:14910-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14910-1 advisory. - zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment instead of treating them as...
SUSE: Security Advisory (SUSE-SU-2022:14910-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1874-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2019-2235)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2018-1424)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : zsh (openSUSE-2019-501)
This update for zsh to version 5.5 fixes the following issues : Security issues fixed : - CVE-2018-1100: Fixes a buffer overflow in utils.c:checkmailpath that can lead to local arbitrary code execution bsc1089030 - CVE-2018-1071: Fixed a stack-based buffer overflow in exec.c:hashcmd bsc1084656 -...
[slackware-security] zsh
New zsh packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/zsh-5.6.2-i586-1slack14.2.txz: Upgraded. This release fixes security issues, including ones that could allow a local attacker to execu...
Slackware 14.0 / 14.1 / 14.2 : zsh (SSA:2019-013-01)
New zsh packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2019-013-01. The text itself is copyright C Slackware Linux, Inc...
EulerOS 2.0 SP2 : zsh (EulerOS-SA-2018-1424)
According to the versions of the zsh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - zsh: buffer overflow when scanning very long directory paths for symbolic links CVE-2014-10072 - zsh: Stack-based buffer overflow in exec.c:hashcmd...
Scientific Linux Security Update : zsh on SL7.x x86_64 (20181030)
Security Fixes : - zsh: Stack-based buffer overflow in genmatchesfiles at compctl.c CVE-2018-1083 - zsh: buffer overflow for very long fds in & fd syntax CVE-2014-10071 - zsh: buffer overflow when scanning very long directory paths for symbolic links CVE-2014-10072 - zsh: NULL dereference in cd i...
Oracle Linux 7 : zsh (ELSA-2018-3073)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3073 advisory. - fix defects detected by Coverity related to CVE-2017-18206 and CVE-2018-1083 - fix stack-based buffer overflow in utils.c:checkmailpath CVE-2018-1100...
Moderate: Red Hat Security Advisory: zsh security and bug fix update
An update for zsh is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Ubuntu: Security Advisory (USN-3608-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for zsh (openSUSE-SU-2018:1893-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : zsh (openSUSE-2018-1094)
This update for zsh to version 5.6.2 fixes the following issues : These security issues were fixed : - CVE-2018-0502: The beginning of a ! script file was mishandled, potentially leading to an execve call to a program named on the second line bsc1107296 - CVE-2018-13259: Shebang lines exceeding 6...
openSUSE: Security Advisory for zsh (openSUSE-SU-2018:2966-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for zsh (important)
This update for zsh to version 5.6.2 fixes the following issues: These security issues were fixed: - CVE-2018-0502: The beginning of a ! script file was mishandled, potentially leading to an execve call to a program named on the second line bsc1107296 - CVE-2018-13259: Shebang lines exceeding 64...