38 matches found
CLSA-2025-1761326171 Fix CVE(s): CVE-2019-18276
SECURITY UPDATE: privilege escalation vulnerability in privileged mode - debian/patches/CVE-2019-18276.patch: fix setuid/setgid handling when bash is running in privileged mode, use setresuid/setresgid over setuid/setgid when available - CVE-2019-18276...
Linux Distros Unpatched Vulnerability : CVE-2019-18276
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real...
RHEL 7 : bash (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: when effective UID is not equal to its real UID the saved UID is not dropped CVE-2019-18276 - A...
RHEL 5 : bash (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution CVE-2016-7543 - bash: when...
RHEL 6 : bash (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: BASHCMD is writable in restricted bash shells CVE-2019-9924 - bash: a heap-buffer-overflow in...
Security Bulletin: Multiple Security Vulnerabilities were identified in IBM Security Verify Access.
Summary There were multiple Security Vulnerabilities that were reported against IBM Security Verify Access. These have been addressed in IBM Security Verify Access 10.0.7.0 Vulnerability Details CVEID:CVE-2022-45688 DESCRIPTION: Hutool is vulnerable to a denial of service, caused by stack-based...
K86221000: Bash vulnerability CVE-2019-18276
Security Advisory Description An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly...
USN-5380-1: Bash vulnerability | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges. Update...
Fix of CVE: CVE-2019-18276
CVE-2019-18276: Fix priviledge dropping when running with effective UID not equal to real UID...
Fix of CVE: CVE-2019-18276
CVE-2019-18276: Fix priviledge dropping when running with effective UID not equal to real UID...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Bash vulnerability (USN-5380-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5380-1 advisory. It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use th...
Advisory ROSA-SA-2021-1802
Software: bash 4.2.46 OS: Cobalt 7.9 CVE-ID: CVE-2012-6711 CVE-Crit: HIGH CVE-DESC: A heap-based buffer overflow exists in GNU Bash before 4.3, when broad characters not supported by the current language standard set in the LCCTYPE environment variable are printed using the built-in echo function...
MGASA-2021-0288 Updated bash packages fix a security vulnerability
A privilege escalation vulnerability was found in bash in the way it dropped privileges when started with an effective user id not equal to the real user id. Bash may be vulnerable to this flaw if the setuid permission is set and the owner of the bash program itself is a non-root user. A local...
Updated bash packages fix a security vulnerability
A privilege escalation vulnerability was found in bash in the way it dropped privileges when started with an effective user id not equal to the real user id. Bash may be vulnerable to this flaw if the setuid permission is set and the owner of the bash program itself is a non-root user. A local...
Oracle Linux 8 : bash (ELSA-2021-1679)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1679 advisory. 4.4.19-14 - Fix hang when limit for nproc is very high Resolves: 1890888 4.4.19-13 - Correctly drop saved UID when effective UID is not equal to its real UID...
CentOS 8 : bash (CESA-2021:1679)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1679 advisory. - bash: when effective UID is not equal to its real UID the saved UID is not dropped CVE-2019-18276 Note that Nessus has not tested for this issue but has inste...
Low: Red Hat Security Advisory: bash security and bug fix update
An update for bash is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
CVE-2019-18276 affecting package bash 4.4.23-1
CVE-2019-18276 affecting package bash 4.4.23-1. A patched version of the package is available...
Huawei EulerOS: Security Advisory for bash (EulerOS-SA-2020-2328)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : bash (EulerOS-SA-2020-2328)
According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to...