12 matches found
EUVD-2018-11733
Malware in sbrugna...
FreeBSD : webmin -- CGI Command Injection Remote Code Execution (805ad2e0-49da-11f0-87e8-bcaec55be5e5)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 805ad2e0-49da-11f0-87e8-bcaec55be5e5 advisory. Webmin reports: A less-privileged Webmin user can execute commands as root via a vulnerability in the...
webmin -- CGI Command Injection Remote Code Execution
Webmin reports: A less-privileged Webmin user can execute commands as root via a vulnerability in the shell autocomplete feature...
RHEL 5 : zsh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: buffer overrun in symlinks CVE-2017-18206 - In builtin.c in zsh before 5.4, when sh compatibility mo...
Arbitrary Code Execution
busybox is vulnerable to arbitrary code execution. The vulnerability exists in the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any...
Debian DLA-1335-1 : zsh security update
Two security vulnerabilities were discovered in the Z shell. CVE-2018-1071 Stack-based buffer overflow in the exec.c:hashcmd function. A local attacker could exploit this to cause a denial of service. CVE-2018-1083 Buffer overflow in the shell autocomplete functionality. A local unprivileged user...
Buffer overflow
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mention...
CVE-2018-1083
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mention...
CVE-2018-1083
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mention...
CVE-2018-1083
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mention...
CVE-2018-1083
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mention...
CVE-2018-1083
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mention...