Showing 1 - 5 of 5

CVE-2017-18206

Status Candidate

Overview

In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.

Slackware Security Advisory - zsh Updates: Posted Jan 14, 2019; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New zsh packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues.; tags | advisory; systems | linux, slackware; advisories | CVE-2017-18205, CVE-2017-18206, CVE-2018-1071, CVE-2018-1083, CVE-2018-1100, CVE-2018-7548, CVE-2018-7549; SHA-256 | 75714a129e42d4b4915bf3a86c269a8547eaafbdae3c85324b24890e055279b1; Download | Favorite | View

Red Hat Security Advisory 2018-3073-01: Posted Oct 31, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-3073-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. Issues addressed include buffer overflow and code execution vulnerabilities.; tags | advisory, overflow, shell, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2014-10071, CVE-2014-10072, CVE-2017-18205, CVE-2017-18206, CVE-2018-1071, CVE-2018-1083, CVE-2018-1100, CVE-2018-7549; SHA-256 | be3d8852b1af029a739b1086e6b911f73b5c55e8833f586363f67a4443883f35; Download | Favorite | View

Red Hat Security Advisory 2018-1932-01: Posted Jun 20, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1932-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. Issues addressed include buffer overflow and code execution vulnerabilities.; tags | advisory, overflow, shell, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2014-10072, CVE-2017-18206, CVE-2018-1083, CVE-2018-1100; SHA-256 | 6e92fa4a1f8faa6cbbfe11a277ce8dde91c2e66563b8ac7239e71ab8260f24ad; Download | Favorite | View

Gentoo Linux Security Advisory 201805-10: Posted May 26, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201805-10 - Multiple vulnerabilities have been found in Zsh, the worst of which could allow local attackers to execute arbitrary code. Versions less than 5.5 are affected.; tags | advisory, arbitrary, local, vulnerability; systems | linux, gentoo; advisories | CVE-2017-18205, CVE-2017-18206, CVE-2018-1071, CVE-2018-1083, CVE-2018-1100, CVE-2018-7548, CVE-2018-7549; SHA-256 | bcc13399a5aa0244fbf2117c08f42b8c6a1cf2d324abe383a04b370e63109d6b; Download | Favorite | View

Ubuntu Security Notice USN-3593-1: Posted Mar 8, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3593-1 - It was discovered that Zsh incorrectly handled certain environment variables. An attacker could possibly use this issue to gain privileged access to the system. This issue only affected Ubuntu 14.04 LTS. It was discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2014-10070, CVE-2014-10071, CVE-2014-10072, CVE-2016-10714, CVE-2017-18205, CVE-2017-18206, CVE-2018-7548, CVE-2018-7549; SHA-256 | 84acebd4d29c3cd2686c174023ec9665be0db2b8567e0c54f82df6013a15303e; Download | Favorite | View

Page 1 of 1 Back 1 Next