MiracleLinux 8 : ksh-20120801-253.el8 (AXSA:2020-169:04)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-169:04 advisory. ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection CVE-2019-14868 Tenable has extracted the...

MiracleLinux 7 : ksh-20120801-140.el7 (AXSA:2020-4475:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4475:02 advisory. ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection CVE-2019-14868 Tenable has extracted the...

EUVD-2008-1845

Malware in sbrugna...

EUVD-1999-1095

Malware in sbrugna...

EUVD-2021-16215

Malware in sbrugna...

EUVD-1999-1096

Malware in sbrugna...

OS Command Exec, Unix Command Shell, Reverse TCP (via Ksh)

Execute an OS command from PHP. Connect back and create a command shell via Ksh. Note: Although Ksh is often available, please be aware it isn't usually installed by default. Module Options msf use payload/php/unix/cmd/reverseksh msf payloadreverseksh show actions ...actions... msf...

SUSE CVE-2019-14868

In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those...

[SECURITY] Fedora 35 Update: bash-5.1.8-3.fc35

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

IBM AIX Permissions and Access Control Issues Vulnerability

IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX is vulnerable to privilege licensing and access control issues, and attackers can exploit vulnerabilities in Korn Shell ksh to gain root access...

CVE-2021-29741

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell ksh to gain root privileges. IBM X-Force ID: 201478...

CVE-2021-29741

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell ksh to gain root privileges. IBM X-Force ID: 201478...

Code injection

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell ksh to gain root privileges. IBM X-Force ID: 201478...

CVE-2021-29741

CVE-2021-29741 affects IBM AIX 7.1, 7.2 and VIOS 3.1, where a local user could exploit a vulnerability in Korn Shell (ksh) to gain root privileges. Root cause and details are provided by IBM’s ksh advisory: multiple AIX filesets (bos.rte.shell) with vulnerable ksh versions across TLs, and APAR-ba...

CVE-2021-29741

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell ksh to gain root privileges. IBM X-Force ID: 201478...

AIX 7.2 TL 4 : ksh (IJ31614)

https://vulners.com/cve/CVE-2021-29741 https://vulners.com/cve/CVE-2021-29741 IBM AIX could allow a local user to exploit a vulnerability in Korn Shell ksh to gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security...

There is a vulnerability in Korn Shell (ksh) that affects AIX,There is a vulnerability in Korn Shell (ksh) that affects VIOS

IBM SECURITY ADVISORY First Issued: Fri Jul 30 14:43:36 CDT 2021 |Updated: Wed Aug 11 14:52:54 CDT 2021 |Update: Corrected the AIX 7.1 TL5 affected fileset levels. The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/kshadvisory.asc...

IBM AIX 权限许可和访问控制问题漏洞

IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX is vulnerable to privilege licensing and access control issues, and attackers can exploit vulnerabilities in Korn Shell ksh to gain root access...

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

Apple macOS Catalina ksh shell command execution vulnerability

Apple macOS Catalina is a specialized operating system developed for Mac computers. A security vulnerability in the Apple macOS Catalina ksh handling environment variable allows local attackers to exploit the vulnerability to submit a special request that can execute arbitrary SHELL commands...