Lucene search
K

34 matches found

Tenable Nessus
Tenable Nessus
added 2017/05/01 12:0 a.m.37 views

EulerOS 2.0 SP1 : bash (EulerOS-SA-2017-1031)

According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variablesCVE-2016-7543...

8.4CVSS6.7AI score0.00576EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2017/03/27 12:0 a.m.54 views

bash security and bug fix update

4.1.2-48 - Fix signal handling in read builtin Resolves: 1421926 4.1.2-47 - CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd Resolves: 1396383 4.1.2-46 - CVE-2016-7543 - Fix for arbitrary code execution via SHELLOPTS+PS4 variables Resolves: 1379630 4.1.2-45 - CVE-2016-0634 - Fi...

8.4CVSS2.5AI score0.06019EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2017/01/19 8:59 p.m.0 views

CVE-2016-7543

Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables...

8.4CVSS5.9AI score0.00576EPSS
Exploits0References15
Cvelist
Cvelist
added 2017/01/19 8:0 p.m.24 views

CVE-2016-7543

Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables...

7.2AI score0.00576EPSS
Exploits0References11
CVE
CVE
added 2017/01/19 8:0 p.m.232 views

CVE-2016-7543

Summary: CVE-2016-7543 affects Bash before 4.4. The root cause is a flaw in handling SHELLOPTS and PS4 environment variables that, when combined with insecure setuid binaries or crafted hosts, enables local privilege escalation to root. Several connected sources confirm this issue across multiple...

8.4CVSS7.1AI score0.00576EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/11/23 12:0 a.m.302 views

SUSE SLED12 / SLES12 Security Update : bash (SUSE-SU-2016:2872-1) (Shellshock)

This update for bash fixes the following issues : - CVE-2016-7543: Local attackers could have executed arbitrary commands via specially crafted SHELLOPTS+PS4 variables bsc1001299 - CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when $HOSTNAME was expanded in the...

10CVSS7.3AI score0.99621EPSS
Exploits36References14
OSV
OSV
added 2016/10/26 12:0 a.m.36 views

DLA-680-1 bash - security update

Bulletin has no description...

8.4CVSS6.3AI score0.00576EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2016/09/27 9:47 a.m.20 views

CVE-2016-7543

An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances...

8.4CVSS4AI score0.00576EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

Sudo <= 1.6.8p9 (SHELLOPTS/PS4 ENV variables) Local Root Exploit

No description provided by source. Sudo local root escalation privilege vuln versions : sudo 1.6.8p10 by breno You need sudo access execution for some bash script Use csh shell to change SHELLOPTS env ie: %cat x.sh !/bin/bash -x echo Getting root!! % cat /etc/sudoers ... breno ALL=ALL...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.51 views

FreeBSD : sudo -- arbitrary command execution (1b725079-9ef6-11da-b410-000e0c2e438a)

Tavis Ormandy reports : The bash shell uses the value of the PS4 environment variable after expansion as a prefix for commands run in execution trace mode. Execution trace mode xtrace is normally set via bash's -x command line option or interactively by running 'set -o xtrace'. However, it may al...

4.6CVSS5.8AI score0.00624EPSS
Exploits2References3
0day.today
0day.today
added 2005/11/09 12:0 a.m.38 views

Sudo <= 1.6.8p9 (SHELLOPTS/PS4 ENV variables) Local Root Exploit

Exploit for linux platform in category local exploits ================================================================ Sudo int main setuid0; system"/bin/sh"; % % gcc -o egg egg.c % setenv SHELLOPTS xtrace % setenv PS4 '$chown root:root egg' % sudo ./x.sh echo Getting root!! Getting root!! % ls...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2005/11/09 12:0 a.m.43 views

Sudo &lt;= 1.6.8p9 (SHELLOPTS/PS4 ENV variables) Local Root Exploit

No description provided by source. Sudo local root escalation privilege vuln versions : sudo 1.6.8p10 by breno You need sudo access execution for some bash script Use csh shell to change SHELLOPTS env ie: %cat x.sh !/bin/bash -x echo "Getting root!!" % cat /etc/sudoers ... breno ALL=ALL...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/11/09 12:0 a.m.55 views

Sudo 1.6.8p9 - SHELLOPTS/PS4 Environment Variables Privilege Escalation

Sudo local root escalation privilege vuln versions : sudo int main setuid0; system"/bin/sh"; % % gcc -o egg egg.c % setenv SHELLOPTS xtrace % setenv PS4 '$chown root:root egg' % sudo ./x.sh echo Getting root!! Getting root!! % ls -lisa egg 1198941 8 -rwxr-xr-x 1 root root 7428 2005-11-09 13:54 eg...

7.4AI score
Exploits0
CVE
CVE
added 2005/10/25 4:0 a.m.73 views

CVE-2005-2959

CVE-2005-2959 concerns sudo 1.6.8 and earlier, where the SHELLOPTS and PS4 environment variables are not cleared during privilege-escalation prompts. The result is a local privilege escalation when a user with limited sudo privileges runs a bash script, as these variables can be passed through to...

4.6CVSS7.9AI score0.00624EPSS
Exploits2References19Affected Software1
Rows per page
Query Builder