EUVD-2016-8396

Malware in sbrugna...

K73705133: Bash vulnerability CVE-2016-7543

Security Advisory Description Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. CVE-2016-7543 Impact BIG-IP, F5 iWorkflow, BIG-IQ, and Enterprise Manager Impact is minimal for BIG-IP, iWorkflow, BIG-IQ, and...

Privilege Escalation

Bash is vulnerable to privilege escalation. This allows to local authenticated user to inject arbitrary commands via crafted SHELLOPTS and PS4 environment variables leading to data modification and disclosure of information...

Sudo <= 1.6.8p9 (SHELLOPTS/PS4 ENV variables) Local Root Exploit

No description provided by source. Sudo local root escalation privilege vuln versions : sudo 1.6.8p10 by breno You need sudo access execution for some bash script Use csh shell to change SHELLOPTS env ie: %cat x.sh !/bin/bash -x echo Getting root!! % cat /etc/sudoers ... breno ALL=ALL...

FreeBSD : sudo -- arbitrary command execution (1b725079-9ef6-11da-b410-000e0c2e438a)

Tavis Ormandy reports : The bash shell uses the value of the PS4 environment variable after expansion as a prefix for commands run in execution trace mode. Execution trace mode xtrace is normally set via bash's -x command line option or interactively by running 'set -o xtrace'. However, it may al...