Siemens Ruggedcom ROX OS Command Injection (CVE-2022-48624)

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504890;...

close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.

...

Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-2670)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : less (EulerOS-SA-2024-1938)

According to the versions of the less package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE.CVE-2022-48624 less through 653 allows OS command execution via a...

less: OS command injection

An OS command injection flaw was found in Less. Since quoting is mishandled in filename.c, opening files with attacker-controlled file names can lead to OS command execution. Exploitation requires the LESSOPEN environment variable, which is set by default in many common cases...

CLSA-2024-1716272169 less: Fix of CVE-2022-48624

CVE-2022-48624: filename.c: shell-quote filenames when invoking LESSCLOSE...

CLSA-2024-1715946466 less: Fix of CVE-2024-32487

CVE-2024-32487: filename.c: quoting mishandling...

Arbitrary Command Execution

less is vulnerable to Arbitrary Command Execution.The vulnerability is due to the omission of shellquote calls for LESSCLOSE in the closealtfile function within the filename.c file of the less command-line utility, allows attackers to execute arbitrary commands...

CLSA-2024-1714065925 less: Fix of CVE-2022-48624

Fix CVE-2022-48624: filename.c closealtfile: before 606 omits shellquote calls for LESSCLOSE...

Slackware: Security Advisory (SSA:2024-105-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 9 : less (ELSA-2024-1692)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1692 advisory. - Fix CVE-2022-48624 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

less: missing quoting of shell metacharacters in LESSCLOSE handling

A flaw was found in less. The closealtfile function in filename.c omits shellquote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system...

Important: less

Issue Overview: closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. CVE-2022-48624 Affected Packages: less Issue Correction: Run yum update less or yum update --advisory ALAS-2024-1924 to update your system. New Packages: i686: less-436-13.13.amzn1.i686 ...

OESA-2024-1219 less security update

Less is a pager. A pager is a program that displays text files. Other pagers commonly in use are more and pg. Pagers are often used in command-line environments like the Unix shell and the MS-DOS command prompt to display files. Security Fixes: closealtfile in filename.c in less before 606 omits...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : less vulnerability (USN-6664-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by a vulnerability as referenced in the USN-6664-1 advisory. It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

DEBIAN-CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...