Astra Linux - уязвимость в zsh

In Zsh before version 5.8, attackers who were able to execute commands could regain privileges lost due to the --no-PRIVILEGED option. Zsh failed to overwrite the saved user ID, so the original privileges could be restored by executing MODULEPATH=/dir/with/module zmodload with a module that calls...

MiracleLinux 8 : zsh-5.5.1-9.el8 (AXSA:2022-3376:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3376:01 advisory. zsh: Prompt expansion vulnerability CVE-2021-45444 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. No...

MiracleLinux 8 : zsh-5.5.1-6.el8.2 (AXSA:2020-122:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-122:05 advisory. zsh: insecure dropping of privileges when unsetting PRIVILEGED option CVE-2019-20044 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : zsh-5.0.2-33.el7 (AXSA:2019-3997:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3997:01 advisory. zsh: Improper handling of shebang line longer than 64 CVE-2018-13259 Tenable has extracted the preceding description block directly from the MiracleLinux...

EUVD-2007-6177

Malware in sbrugna...

EUVD-2018-5207

Malware in sbrugna...

EUVD-2017-9338

Malware in sbrugna...

EUVD-2018-1324

Malware in sbrugna...

EUVD-2016-1713

Malware in sbrugna...

EUVD-2018-11748

Malware in sbrugna...

EUVD-2014-1137

Malware in sbrugna...

EUVD-2019-10600

Malware in sbrugna...

EUVD-2018-19275

Malware in sbrugna...

EUVD-2017-9339

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-45444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs...

TencentOS Server 3: zsh (TSSA-2022:0073)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0073 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0205: zsh (ALINUX3-SA-2022:0205)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0205 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-45444: In zsh before 5.8.1, an attacker ca...

Alibaba Cloud Linux 3 : 0073: zsh (ALINUX3-SA-2022:0073)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0073 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-20044: In Zsh before 5.8, attackers able t...

Slackware Linux 15.0 zsh Vulnerability (SSA:2025-109-01)

The version of zsh installed on the remote host is prior to 5.9. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-109-01 advisory. New zsh packages are available for Slackware 15.0 to fix a security issue. Tenable has extracted the preceding description block directly...

Linux Distros Unpatched Vulnerability : CVE-2018-1083

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially...