CVE-2016-6903

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands...

CVE-2016-6902

CVE-2016-6902 concerns lshell 0.9.16, where remote authenticated users can break out of a limited shell and execute arbitrary commands. The vulnerability is documented across multiple feeds, with NVD noting high/critical impact (NETWORK, low/low credentials, no user interaction) and Mageia OSV/OS...

lshell Security Bypass Vulnerability

lshell is a set of shell commands written in Python for controlling the user's runtime environment. A security bypass vulnerability exists in lshell. An attacker could use this vulnerability to bypass security restrictions and perform unauthorized operations...

lshell security bypass vulnerability (CNVD-2016-06705)

lshell is a set of shell commands written in Python for controlling the user's runtime environment. A security bypass vulnerability exists in lshell. An attacker could use this vulnerability to bypass security restrictions and perform unauthorized operations...

LShell <= 0.9.15 - 远程代码执行

No description provided by source...

lshell -- Multiple security issues

lshell reports: It is possible to escape lshell if an allowed command can execute an arbitrary non allowed one issue 122. Inappropriate parsing of commands can lead to arbitrary command execution issue 147, 149, 151...

lshell -- Shell autocomplete reveals forbidden directories

lshell reports: The autocomplete feature allows users to list directories, while they do not have access to those paths issue 109...

LShell 0.9.15 - Remote Code Execution

LShell 0.9.15 - Remote Code Execution import paramiko import traceback from time import sleep Exploit lshell pathing vulnerability in = 0.9.15. Runs commands on the remote system. @dronesec if lensys.argv 4: print '%s: USER PW IP opt: port'%sys.argv0 sys.exit1 try: print '!...

LShell 0.9.15 - Remote Code Execution

import paramiko import traceback from time import sleep Exploit lshell pathing vulnerability in = 0.9.15. Runs commands on the remote system. @dronesec if lensys.argv 4: print '%s: USER PW IP opt: port'%sys.argv0 sys.exit1 try: print '! .............................' print '! lshell = 0.9.15 remo...

CVE-2004-2050

eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow local users to gain privileges by pressing CTRL-SHIFT-ALT-DEL and entering the "maertsJ" password, which is hard-coded into lshell...

CVE-2004-2050

CVE-2004-2050 concerns eSeSIX Thintune Thin Client firmware 2.4.38 and earlier. Local users can gain privileges by pressing CTRL-SHIFT-ALT-DEL and entering the hard-coded password maertsJ in lshell, enabling a local privilege escalation. OpenVAS notes a backdoor password (jstwo) in Thintune, indi...