Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2020/12/07 11:12 a.m.2 views

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

7.8CVSS6AI score0.01385EPSS
Exploits0References4
OSV
OSV
added 2020/04/02 5:15 p.m.3 views

DEBIAN-CVE-2019-14868

In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those...

7.8CVSS7.1AI score0.01385EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2000/12/22 12:0 a.m.26 views

ksh.temp-hole.txt

Author: Paul Szabo Recently I reported that, similarly to the recently discussed tcsh vulnerability, the Bourne shell /bin/sh creates temporary files in an insecure way: http://www.securityfocus.com/templates/archive.pike?list=1&msg=200011230225.N [email protected] At the time I als...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/12/21 12:0 a.m.16 views

Дырка в ksh

Проблема при создании временных файлов при перенаправлении ввода аналогична sh, tcsh bash и др...

0.5AI score
Exploits0References1
Rows per page
Query Builder