18 matches found
CVE-2014-6271
CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...
CVE-2014-7169
CVE-2014-7169 affects GNU Bash up to 4.3, where parsing of function definitions in environment variables can be exploited to run commands or impact other attributes across privilege boundaries (notably via ForceCommand in OpenSSH sshd and via mod_cgi/mod_cgid in Apache, as well as DHCP client scr...
CVE-2019-9924
CVE-2019-9924 : Bash rbash prior to 4.4-beta2 could allow a shell user to modify BASH_CMDS and thereby execute arbitrary commands with the shell’s permissions. IBM CP4S advisory confirms affected product versions: Cloud Pak for Security (CP4S) 1.8.1.0, 1.8.0.0, and 1.7.2.0. Remediation is to upgr...
CVE-2014-6278
CVE-2014-6278 affects GNU Bash up to 4.3 bash43-026, where parsing of function definitions inside environment variable values is flawed, enabling remote arbitrary command execution across privilege boundaries. Documented vectors include ForceCommand in OpenSSH sshd, mod_cgi/mod_cgid in Apache, an...
CVE-2014-6277
CVE-2014-6277 affects GNU Bash up to version 4.3 with the patch level bash43-026. It abuses how Bash parses function definitions inside environment variables, enabling remote code execution or denial of service via crafted environments that cross privilege boundaries (e.g., across sshd ForceComma...
CVE-2019-18276
CVE-2019-18276 affects GNU Bash up to 5.0 patch 11, where disable_priv_mode in shell.c incorrectly drops privileges when UID real != effective, leaving the saved UID intact. An attacker with shell command execution can use enable -f to load a new builtin (shared object) that calls setuid(), regai...
CVE-2022-3715
CVE-2022-3715 affects Bash with a heap-based buffer overflow in valid_parameter_transform. The issue allows a local authenticated attacker to overflow a buffer and execute arbitrary code in the context of the current process. Multiple advisories reference Bash fixes/upgrades to mitigate this vuln...
CVE-2016-9401
CVE-2016-9401 relates to the Bash shell. The vulnerability is in the popd builtin, which may segfault/use‑after‑free a process when called with crafted/negative offsets, potentially enabling local disruption or bypassing restricted shells. The issue is fixed in multiple downstream advisories; rem...
CVE-2012-6711
CVE-2012-6711 describes a heap-based buffer overflow in GNU Bash prior to 4.3. When wide characters not supported by the current LC_CTYPE locale are printed via the echo builtin, ansicstr() mishandles u32cconv() in lib/sh/strtrans.c, potentially allowing a local attacker to crash a script or exec...
CVE-2016-7543
Summary: CVE-2016-7543 affects Bash before 4.4. The root cause is a flaw in handling SHELLOPTS and PS4 environment variables that, when combined with insecure setuid binaries or crafted hosts, enables local privilege escalation to root. Several connected sources confirm this issue across multiple...
CVE-2014-7186
Technical details about CVE-2014-7186 are not provided in the connected documents. Monitor for updates.
CVE-2014-7187
Technical details for CVE-2014-7187 are not publicly available in the provided documents; monitor for updates.
CVE-2016-0634
CVE-2016-0634 concerns Bash 4.3 where expansion of '\h' in the prompt string can trigger arbitrary code execution when a hostname contains shell metacharacters. The vulnerability is triggered by a remote attacker with authenticated access (e.g., via DHCP-influenced hostname) and can result in arb...
CVE-2017-5932
CVE-2017-5932 is a Bash local privilege escalation exploiting the path autocompletion feature. A crafted filename that begins with a double quote and includes a command substitution metacharacter can allow a local user to execute arbitrary code with elevated privileges. The vulnerability affects ...
CVE-2012-3410
CVE-2012-3410 describes a stack-based buffer overflow in GNU Bash (lib/sh/eaccess.c) that occurs when expanding the /dev/fd prefix. Before Bash 4.2 patch 33, a long filename in /dev/fd could allow local users to bypass intended restricted shell access. The vulnerability’s impact is described as a...
CVE-2010-0002
The Red Hat/Mandriva family advisories confirm CVE-2010-0002 affects Mandriva’s Bash packages where /etc/profile.d/60alias.sh enables --show-control-chars in LS_OPTIONS, allowing local users to craft filenames that inject terminal escape sequences or hide files. Impact is local, with potential di...
CVE-1999-0491
CVE-1999-0491 involves a vulnerability in the bash prompt parsing that lets a local user run commands as another user by creating a directory named after the command to execute. Affected component: bash prompt parsing. Root cause: command-name directory expansion during prompt handling enables pr...
CVE-1999-1383
CVE-1999-1383 affects bash (before 1.14.7) and tcsh (6.05). The vulnerability arises when a directory name contains shell metacharacters (back-tick) that are expanded during filename expansion for the PS1 variable, allowing local users to gain privileges. Affects local privilege escalation via di...