4 matches found
CVE-2014-2093
CVE-2014-2093 affects Catfish (up to version 0.4.0.3). The vulnerability is an untrusted search path that lets local users gain privileges via a Trojan horse catfish.py in the current working directory. Connected advisories indicate multiple distributions released fixes (e.g., Mageia, Mandriva, G...
CVE-2014-2096
CVE-2014-2096: Untrusted search path vulnerability in Catfish (versions 0.6.0–1.0.0) allows local privilege escalation via a Trojan horse bin/catfish.py in the current working directory. Several advisories confirm the issue and provide fixes/recommend upgrading: Mageia MGASA-2014-0342 and Gentoo ...
CVE-2014-2094
Catfish contains an untrusted search path vulnerability affecting versions up to 0.4.0.3, where local users can gain privileges via a Trojan horse catfish.pyc in the current working directory when a Fedora package like 0.4.0.2-2 is not used. Multiple linked advisories (OSV/Ubuntu/NVD/Gentoo GLSA)...
CVE-2014-2095
CVE-2014-2095 affects Catfish 0.6.0–1.0.0. The class of vulnerability is an untrusted search path that enables local privilege escalation when a Trojan horse bin/catfish.pyc in the current working directory is executed, if the Fedora package (e.g., 0.8.2-1) is not used. Multiple sources (NVD/NIDS...