271 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-1395
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with t...
Linux Distros Unpatched Vulnerability : CVE-2019-13636
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c. CVE-2019-13636 Note...
Linux Distros Unpatched Vulnerability : CVE-2014-9637
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file. CVE-2014-963...
Linux Distros Unpatched Vulnerability : CVE-2015-1196
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file. CVE-2015-1196 Note that Nessus relies on the presence ...
Linux Distros Unpatched Vulnerability : CVE-2016-10713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line in pch.c can possibly lead to DoS via a crafted input file...
Linux Distros Unpatched Vulnerability : CVE-2018-1000156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in...
Linux Distros Unpatched Vulnerability : CVE-2010-4651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a...
Advisory ROSA-SA-2024-2468
software: patch 2.7.6 OS: ROSA-CHROME packageevrstring: patch-2.7.6-5 CVE-ID: CVE-2018-6951 BDU-ID: 2023-01652 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the intuit_diff_type function of the pch.c component of the Patch edit transfer program is related to pointer dereferencing errors. Exploitatio...
CBL Mariner 2.0 Security Update: patch (CVE-2018-1000156)
The version of patch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2018-1000156 advisory. - GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specificall...
CBL Mariner 2.0 Security Update: patch (CVE-2019-13638)
The version of patch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-13638 advisory. - GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafte...
CBL Mariner 2.0 Security Update: patch (CVE-2018-20969)
The version of patch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2018-20969 advisory. - do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: thi...
CBL Mariner 2.0 Security Update: patch (CVE-2018-6951)
The version of patch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2018-6951 advisory. - An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL...
RHEL 7 : patch (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - patch: directory traversal via file rename CVE-2015-1395 - GNU patch 2.7.1 allows remote attackers to wri...
RHEL 5 : patch (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - patch: OS shell command injection when processing crafted patch files CVE-2019-13638 - An issue was...
Oracle Linux 8 : patch (ELSA-2020-1852)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-1852 advisory. - CVE-2019-13636, Don't follow symlinks unless --follow-symlinks is given Tenable has extracted the preceding description block directly from the Oracle Linux...
Oracle Linux 7 : patch (ELSA-2019-2033)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-2033 advisory. - Fixed CVE-2016-10713 - Out-of-bounds access in pch_write_line function - Fixed CVE-2018-6952 - Double free of memory Tenable has extracted the precedin...
SUSE CVE-2015-1196
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file...
SUSE CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name...
SUSE CVE-2015-1396
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196...
SUSE CVE-2016-10713
An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line in pch.c can possibly lead to DoS via a crafted input file...