RHEL 7 : ksh (RHSA-2020:5351)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:5351 advisory. KornShell ksh is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell sh and includes many features o...

ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables...

EulerOS Virtualization 3.0.6.6 : ksh (EulerOS-SA-2020-2446)

According to the version of the ksh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to...

Huawei EulerOS: Security Advisory for ksh (EulerOS-SA-2020-2446)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ksh (EulerOS-SA-2020-2108)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : ksh (EulerOS-SA-2020-2108)

According to the version of the ksh package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass...

NewStart CGSL MAIN 4.05 : ksh Vulnerability (NS-SA-2020-0046)

The remote NewStart CGSL host, running version MAIN 4.05, has ksh packages installed that are affected by a vulnerability: - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment...

Huawei EulerOS: Security Advisory for ksh (EulerOS-SA-2020-1921)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : ksh (EulerOS-SA-2020-1921)

According to the version of the ksh package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass...

Debian: Security Advisory (DLA-2284-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-2284-1 ksh - security update

Bulletin has no description...

Debian DLA-2284-1 : ksh security update

A flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables cou...

[SECURITY] [DLA 2284-1] ksh security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2284-1 [email protected] https://www.debian.org/lts/security/ Brian May July 21, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

EulerOS 2.0 SP2 : ksh (EulerOS-SA-2020-1681)

According to the version of the ksh package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass...

Huawei EulerOS: Security Advisory for ksh (EulerOS-SA-2020-1681)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

macOS 10.15.x < 10.15.5 / 10.14.x < 10.14.6 Security Update 2020-003 / 10.13.x < 10.13.6 Security Update 2020-003

The remote host is running a version of macOS / Mac OS X that is 10.15.x prior to 10.15.5, 10.13.x prior to 10.13.6 Security Update 2020-003, 10.14.x prior to 10.14.6 Security Update 2020-003. It is, therefore, affected by multiple vulnerabilities: - In ksh version 20120801, a flaw was found in t...

NewStart CGSL CORE 5.04 / MAIN 5.04 : ksh Vulnerability (NS-SA-2020-0024)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ksh packages installed that are affected by a vulnerability: - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environme...

Huawei EulerOS: Security Advisory for ksh (EulerOS-SA-2020-1583)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : ksh (EulerOS-SA-2020-1583)

According to the version of the ksh package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass...

ksh bug fix and enhancement update

An update is available for ksh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...