41 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-13259
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is...
RHEL 6 : zsh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: Improper handling of shebang line longer than 64 CVE-2018-13259 - zsh before 5.0.7 allows evaluation...
RHEL 6 : zsh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: Improper handling of shebang line longer than 64 CVE-2018-13259 - In builtin.c in zsh before 5.4, wh...
Oracle Linux 7 : zsh (ELSA-2019-2017)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2017 advisory. 5.0.2-33 - fix regression in oh-my-zsh vcsinfo hooks introduced in -30 1677696 5.0.2-32 - fix improper handling of shebang line longer than 64 bytes...
SUSE SLES11 Security Update : zsh (SUSE-SU-2022:14910-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14910-1 advisory. - zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment instead of treating them as...
SUSE: Security Advisory (SUSE-SU-2022:14910-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : zsh (SUSE-SU-2022:0161-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0161-1 advisory. - CVE-2018-0502: Fixed execve call vulnerability to program named on the second line when the beginning of a ! script file was...
SUSE-SU-2022:0161-1 Security update for zsh
This update for zsh fixes the following issues: - CVE-2018-0502: Fixed execve call vulnerability to program named on the second line when the beginning of a ! script file was mishandled. bsc1107296, bsc1107294 - CVE-2018-13259: Fixed execve call vulnerability to program name that is a substring o...
SUSE: Security Advisory (SUSE-SU-2018:2686-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2019-2459)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2019-2235)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for zsh (EulerOS-SA-2019-2684)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : zsh Vulnerability (NS-SA-2019-0200)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has zsh packages installed that are affected by a vulnerability: - An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is...
Amazon Linux AMI : zsh (ALAS-2019-1285)
It was discovered that zsh does not properly validate the shebang of input files and it truncates it to the first 64 bytes. A local attacker may use this flaw to make zsh execute a different binary than what is expected, named with a substring of the shebang one.CVE-2018-13259 C Tenable Network...
zsh security update
CentOS Errata and Security Advisory CESA-2019:2017 An update for zsh is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Scientific Linux Security Update : zsh on SL7.x x86_64 (20190806)
Security Fixes : - zsh: Improper handling of shebang line longer than 64 CVE-2018-13259 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid128271; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate",...
zsh security and bug fix update
5.0.2-33 - fix regression in oh-my-zsh vcsinfo hooks introduced in -30 1677696 5.0.2-32 - fix improper handling of shebang line longer than 64 bytes CVE-2018-13259...
Moderate: Red Hat Security Advisory: zsh security and bug fix update
An update for zsh is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
openSUSE Security Update : zsh (openSUSE-2019-687)
This update for zsh to version 5.6 fixes the following security issues : - CVE-2018-0502: The beginning of a ! script file was mishandled, potentially leading to an execve call to a program named on the second line bsc1107296. - CVE-2018-13259: Shebang lines exceeding 64 characters were truncated...
GLSA-201903-02 : Zsh: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-201903-02 Zsh: User-assisted execution of arbitrary code Two input validation errors have been discovered in how Zsh parses scripts: Parsing a malformed shebang line could cause Zsh to call a program listed in the second line...