15 matches found
SUSE CVE-2014-6277
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service uninitialized memory access, and untrusted-pointer read and write operations via a crafted...
VulnCheck KEV: CVE-2014-6277
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service uninitialized memory access, and untrusted-pointer read and write operations via a crafted...
Ubuntu 14.04 LTS : Bash vulnerabilities (USN-2380-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2380-1 advisory. Michal Zalewski discovered that Bash incorrectly handled parsing certain function definitions. If an attacker were able to create an environment variable...
[SECURITY] Fedora 20 Update: ctags-5.8-16.fc20
Ctags generates an index or tag file of C language objects found in C source and header files. The index makes it easy for text editors or other utilities to locate the indexed items. Ctags can also generate a cross reference file which lists information about the various objects found in a set o...
Ubuntu: Security Advisory (USN-2380-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2380-1 bash vulnerabilities
Michal Zalewski discovered that Bash incorrectly handled parsing certain function definitions. If an attacker were able to create an environment variable containing a function definition with a very specific name, these issues could possibly be used to bypass certain environment restrictions and...
DEBIAN-CVE-2014-6278
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and...
VulnCheck KEV: CVE-2014-6271
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code...
DEBIAN-CVE-2014-6277
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service uninitialized memory access, and untrusted-pointer read and write operations via a crafted...
UBUNTU-CVE-2014-6277
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service uninitialized memory access, and untrusted-pointer read and write operations via a crafted...
Ubuntu 14.04 LTS : Bash vulnerability (USN-2362-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2362-1 advisory. Stephane Chazelas discovered that Bash incorrectly handled trailing code in function definitions. An attacker could use this issue to bypass environment...
USN-2362-1 bash vulnerability
Stephane Chazelas discovered that Bash incorrectly handled trailing code in function definitions. An attacker could use this issue to bypass environment restrictions, such as SSH forced command environments...
USN-2362-1: Bash vulnerability
Stephane Chazelas discovered that Bash incorrectly handled trailing code in function definitions. An attacker could use this issue to bypass environment restrictions, such as SSH forced command environments...
PT-2013-1337 · Php · Php
Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.4.16 RC1 PHP versions prior to 5.5.0 RC2 Description: The issue exists due to insufficient input validation in the Zend Engine component of the PHP programming language interpreter. This can be exploited by a remote...
CVE-2007-0486
Multiple PHP remote file inclusion vulnerabilities in Openads aka phpAdsNew 2.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the 1 phpAdsgeoPlugin parameter to libraries/lib-remotehost.inc, the 2 filename parameter to admin/report-index, or the 3 phpAdsconfigmyfooter...