36 matches found
Design/Logic Flaw
The wordexp function in the GNU C Library aka glibc through 2.33 may crash or read arbitrary memory in parseparam in posix/wordexp.c when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but...
CVE-2021-35942
The wordexp function in the GNU C Library aka glibc through 2.33 may crash or read arbitrary memory in parseparam in posix/wordexp.c when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but...
CVE-2021-35942
CVE-2021-35942 affects the GNU C Library (glibc) wordexp in posix/wordexp.c. The root cause is an integer/regex handling issue caused by using atoi instead of strtoul, which can lead to an out-of-bounds read or memory access. Exploitation can crash the process or cause information disclosure (DoS...
Privilege Escalation
sudo is vulnerable to privilege escalation. The sudo noexec restriction could have been bypassed if an application run via sudo executed the wordexp C library function with a user-supplied argument, which allows local users to inject arbitrary commands with elevated privileges...
EulerOS Virtualization 2.5.1 : sudo (EulerOS-SA-2018-1380)
According to the version of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It was discovered that the sudo noexec restriction could have been bypassed if an application run via sudo executed system, popen, or...
CVE-2016-7076
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if an application run via sudo executed the wordexp C library function with a user-supplied argument. A local user permitted to run such an application via sudo with the noexec restriction could possibly use this flaw to...
UBUNTU-CVE-2016-7076
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if an application run via sudo executed the wordexp C library function with a user-supplied argument. A local user permitted to run such an application via sudo with the noexec restriction could possibly use this flaw to...
Updated sudo packages fix security vulnerability
It was discovered that the sudo noexec restriction could have been bypassed if an application run via sudo executed the wordexp C library function with a user-supplied argument. A local user permitted to run such an application via sudo with the noexec restriction could possibly use this flaw to execute...
MGASA-2016-0389 Updated sudo packages fix security vulnerability
It was discovered that the sudo noexec restriction could have been bypassed if an application run via sudo executed the wordexp C library function with a user-supplied argument. A local user permitted to run such an application via sudo with the noexec restriction could possibly use this flaw to execute...
CentOS 6 : glibc (CESA-2015:0016)
Updated glibc packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Ubuntu 14.04 LTS : GNU C Library vulnerabilities (USN-2432-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2432-1 advisory. Siddhesh Poyarekar discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could...
GNU glibc code execution
wordexp function code execution...
Mandriva Linux Security Advisory : glibc (MDVSA-2014:232)
Updated glibc package fixes security vulnerability : The function wordexp() fails to properly handle the WRDE_NOCMD flag when processing arithmetic inputs in the form of $... where ... can be anything valid. The backticks in the arithmetic expression are evaluated in a shell even if WRDE_NOCMD...
CVE-2014-7817
CVE-2014-7817 affects the GLIBC wordexp function (glibc) where WRDE_NOCMD was not enforced, allowing context-dependent local attackers to execute arbitrary commands via input containing shell substitutions (e.g., $(...)). Public disclosures and vendor advisories (Debian/DSA-3142-1; CentOS CESA no...
CVE-2014-7817
The wordexp function in GNU C Library aka glibc 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$..."...