3 matches found
EUVD-2014-7685
Malware in sbrugna...
[ MDVSA-2014:232 ] glibc
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:232 http://www.mandriva.com/en/support/security/ Package : glibc Date : November 27, 2014 Affected: Business Server 1.0 Problem Description: Updated glibc package fixes security vulnerability: The function...
MGASA-2014-0496 Updated glibc packages fix CVE-2014-7817
The function wordexp fails to properly handle the WRDENOCMD flag when processing arithmetic inputs in the form of "$... " where "..." can be anything valid. The backticks in the arithmetic epxression are evaluated by in a shell even if WRDENOCMD forbade command substitution. This allows an attack...