Download
| Alert*
oval:org.secpod.oval:def:200552
Bash is the default shell for Red Hat Enterprise Linux. It was found that certain scripts bundled with the Bash documentation created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrar ... oval:org.secpod.oval:def:201446 Bash is the default shell for Red Hat Enterprise Linux. It was found that certain scripts bundled with the Bash documentation created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrar ... oval:org.secpod.oval:def:500143 Bash is the default shell for Red Hat Enterprise Linux. It was found that certain scripts bundled with the Bash documentation created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrar ... oval:org.secpod.oval:def:503601 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * bash: BASH_CMD is writable in restricted bash shells For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the ... oval:org.secpod.oval:def:107484 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell . Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:107485 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell . Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:111372 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell . Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:203087 bash is installed oval:org.secpod.oval:def:111374 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell . Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:89044845 This update for bash fixes the following issues: - CVE-2016-7543: Local attackers could have executed arbitrary commands via specially crafted SHELLOPTS+PS4 variables. - CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when $HOSTNAME was expanded in the prompt. The ... oval:org.secpod.oval:def:89003288 This update for bash fixes the following issues: Security issue fixed: - CVE-2019-9924: Fixed a vulnerability in which shell did not prevent user BASH_CMDS allowing the user to execute any command with the permissions of the shell . oval:org.secpod.oval:def:89003445 This update for bash fixes the following issues: Security issue fixed: - CVE-2019-9924: Fixed a vulnerability in which shell did not prevent user BASH_CMDS allowing the user to execute any command with the permissions of the shell . oval:org.secpod.oval:def:89044799 This update for bash fixes an issue that could lead to syntax errors when parsing scripts that use expr inside loops. Additionally, the popd build-in now ensures that the normalized stack offset is within bounds before trying to free that stack entry. This fixes a segmentation fault. oval:org.secpod.oval:def:204589 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ... oval:org.secpod.oval:def:204694 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ... oval:org.secpod.oval:def:111437 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell . Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:111391 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell . Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:1504891 [4.4.19-14] - Fix hang when limit for nproc is very high Resolves: #1890888 [4.4.19-13] - Correctly drop saved UID when effective UID is not equal to its real UID Resolves: #1793943 oval:org.secpod.oval:def:203443 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override o ... oval:org.secpod.oval:def:1500725 Updated bash packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ... oval:org.secpod.oval:def:1500726 Updated bash packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ... oval:org.secpod.oval:def:1500729 Updated bash packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat Enterprise L ... oval:org.secpod.oval:def:1500728 Updated bash packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ... oval:org.secpod.oval:def:107628 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell . Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:203430 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override o ... oval:org.secpod.oval:def:107580 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell . Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:1500730 GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ... oval:org.secpod.oval:def:1500732 GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ... oval:org.secpod.oval:def:1500731 GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ... oval:org.secpod.oval:def:1500733 GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ... oval:org.secpod.oval:def:1600141 This ALAS is superceded by ALAS-2014-419.A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticate ... oval:org.secpod.oval:def:107738 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell. Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:501389 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or ... oval:org.secpod.oval:def:203429 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override o ... oval:org.secpod.oval:def:203428 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override o ... oval:org.secpod.oval:def:1500745 GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ... oval:org.secpod.oval:def:501390 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or ... oval:org.secpod.oval:def:1501804 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ... oval:org.secpod.oval:def:1600759 popd controlled free:A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session.Arbitrary code execution via malicious hostname:An arbitrary command inject ... oval:org.secpod.oval:def:502078 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ... oval:org.secpod.oval:def:502007 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ... oval:org.secpod.oval:def:1501960 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205544 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * bash: BASH_CMD is writable in restricted bash shells For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the ... oval:org.secpod.oval:def:97629 [CLSA-2022:1650910003] Fixed CVE-2019-18276 in bash oval:org.secpod.oval:def:203442 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environme ... oval:org.secpod.oval:def:1500809 GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted envir ... oval:org.secpod.oval:def:203432 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environme ... oval:org.secpod.oval:def:203434 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environme ... oval:org.secpod.oval:def:203433 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environme ... oval:org.secpod.oval:def:1500850 Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction. oval:org.secpod.oval:def:1500741 GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ... oval:org.secpod.oval:def:1500743 GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ... oval:org.secpod.oval:def:1500744 Updated bash packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ... oval:org.secpod.oval:def:501394 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environme ... oval:org.secpod.oval:def:1600014 GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ... oval:org.secpod.oval:def:501395 The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell . Bash is the default shell for Red Hat Enterprise Linux. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environme ... oval:org.secpod.oval:def:1500832 GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and m ... oval:org.secpod.oval:def:2600131 The bash packages provide Bash , which is the default shell for AlmaLinux. oval:org.secpod.oval:def:1506388 [5.1.8-6] - Add a null check in parameter_brace_transform function Resolves: CVE-2022-3715 oval:org.secpod.oval:def:5800009 The bash packages provide Bash , which is the default shell for Rocky Linux. Security Fix: * bash: a heap-buffer-overflow in valid_parameter_transform For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page ... oval:org.secpod.oval:def:19500128 A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems oval:org.secpod.oval:def:507496 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * bash: a heap-buffer-overflow in valid_parameter_transform For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to ... |