CVE-2018-1071

Related Files

Slackware Security Advisory - zsh Updates

Posted Jan 14, 2019

Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New zsh packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues.

tags | advisory

systems | linux, slackware

advisories | CVE-2017-18205, CVE-2017-18206, CVE-2018-1071, CVE-2018-1083, CVE-2018-1100, CVE-2018-7548, CVE-2018-7549

SHA-256 | 75714a129e42d4b4915bf3a86c269a8547eaafbdae3c85324b24890e055279b1

Download | Favorite | View

Red Hat Security Advisory 2018-3073-01

Posted Oct 31, 2018

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3073-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, shell, vulnerability, code execution

systems | linux, redhat

advisories | CVE-2014-10071, CVE-2014-10072, CVE-2017-18205, CVE-2017-18206, CVE-2018-1071, CVE-2018-1083, CVE-2018-1100, CVE-2018-7549

SHA-256 | be3d8852b1af029a739b1086e6b911f73b5c55e8833f586363f67a4443883f35

Download | Favorite | View

ASRock Drivers Privilege Escalation / Code Execution

Posted Oct 27, 2018

Authored by Core Security Technologies, Diego Juarez | Site secureauth.com

ASRock offers several utilities designed to give the user with an ASRock motherboard more control over certain settings and functions. These utilities include various features like the RGB LED control, hardware monitor, fan controls, and overclocking/voltage options. Multiple vulnerabilities were found in AsrDrv101.sys and AsrDrv102.sys low level drivers, installed by ASRock RGBLED and other ASRock branded utilities, which could allow a local attacker to elevate privileges. Vulnerable packages include ASRock RGBLED before version 1.0.35.1, A-Tuning before version 3.0.210, F-Stream before version 3.0.210, and RestartToUEFI before version 1.0.6.2.

tags | exploit, local, vulnerability

advisories | CVE-2018-10709, CVE-2018-10710, CVE-2018-10711, CVE-2018-10712

SHA-256 | 3b57e1d843a64059edf1200acba22a276913db2838fb449328d307badda0ce0e

Download | Favorite | View

Gentoo Linux Security Advisory 201805-10

Posted May 26, 2018

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201805-10 - Multiple vulnerabilities have been found in Zsh, the worst of which could allow local attackers to execute arbitrary code. Versions less than 5.5 are affected.

tags | advisory, arbitrary, local, vulnerability

systems | linux, gentoo

advisories | CVE-2017-18205, CVE-2017-18206, CVE-2018-1071, CVE-2018-1083, CVE-2018-1100, CVE-2018-7548, CVE-2018-7549

SHA-256 | bcc13399a5aa0244fbf2117c08f42b8c6a1cf2d324abe383a04b370e63109d6b

Download | Favorite | View

Call Of Duty Modern Warfare 2 Buffer Overflow

Posted May 4, 2018

Authored by momo5502

Call Of Duty Modern Warfare 2 buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept

advisories | CVE-2018-10718

SHA-256 | bfef1377d9de792500db782d09fc4c9cd6f5a22b26697966467e741c1944dbdf

Download | Favorite | View

Ubuntu Security Notice USN-3608-1

Posted Mar 28, 2018

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3608-1 - Richard Maciel Costa discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. It was discovered that Zsh incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2018-1071, CVE-2018-1083

SHA-256 | 4a99fa767bd53ffe79f1111930bcaa884a7ab3ea59090e770b75211d35a9356a

Download | Favorite | View