exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

CVE-2014-7817

Status Candidate

Overview

The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".

Related Files

Gentoo Linux Security Advisory 201602-02
Posted Feb 17, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201602-2 - Multiple vulnerabilities have been found in the GNU C library, the worst allowing for remote execution of arbitrary code. Versions less than 2.21-r2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-7423, CVE-2014-0475, CVE-2014-5119, CVE-2014-6040, CVE-2014-7817, CVE-2014-8121, CVE-2014-9402, CVE-2015-1472, CVE-2015-1781, CVE-2015-7547, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779
MD5 | 4ae3105bd8ed710ad3f2ffe994f6efdc
Mandriva Linux Security Advisory 2015-168
Posted Mar 31, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-168 - Updated glibc packages fix multiple security vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2012-3406, CVE-2014-0475, CVE-2014-4043, CVE-2014-5119, CVE-2014-6040, CVE-2014-7817, CVE-2014-9402, CVE-2015-1472, CVE-2015-1473
MD5 | b7bc646306e46a1f68447be66b599961
Debian Security Advisory 3142-1
Posted Jan 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3142-1 - Several vulnerabilities have been fixed in eglibc, Debian's version of the GNU C library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-6656, CVE-2014-6040, CVE-2014-7817, CVE-2015-0235
MD5 | 1c6656674352bdd6eb5b983035a39c4a
Red Hat Security Advisory 2015-0016-01
Posted Jan 7, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0016-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. An out-of-bounds read flaw was found in the way glibc's iconv() function converted certain encoded data to UTF-8. An attacker able to make an application call the iconv() function with a specially crafted argument could use this flaw to crash that application. It was found that the wordexp() function would perform command substitution even when the WRDE_NOCMD flag was specified. An attacker able to provide specially crafted input to an application using the wordexp() function, and not sanitizing the input correctly, could potentially use this flaw to execute arbitrary commands with the credentials of the user running that application.

tags | advisory, arbitrary
systems | linux, redhat, osx
advisories | CVE-2014-6040, CVE-2014-7817
MD5 | 4e120cd1132b641b1cddbc67f7d2cb8f
Red Hat Security Advisory 2014-2023-01
Posted Dec 19, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-2023-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was found that the wordexp() function would perform command substitution even when the WRDE_NOCMD flag was specified. An attacker able to provide specially crafted input to an application using the wordexp() function, and not sanitizing the input correctly, could potentially use this flaw to execute arbitrary commands with the credentials of the user running that application.

tags | advisory, arbitrary
systems | linux, redhat, osx
advisories | CVE-2014-7817
MD5 | 2b314e572db9e64a530a5b7d8cefee2e
Ubuntu Security Notice USN-2432-1
Posted Dec 4, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2432-1 - Siddhesh Poyarekar discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. Adhemerval Zanella Netto discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-6656, CVE-2014-6040, CVE-2014-7817
MD5 | 11a92497d8b0bc7133717b842bac8b9a
Mandriva Linux Security Advisory 2014-232
Posted Nov 28, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-232 - The function wordexp\(\) fails to properly handle the WRDE_NOCMD flag when processing arithmetic inputs in the form of $((... ``)) where ... can be anything valid. The backticks in the arithmetic expression are evaluated by in a shell even if WRDE_NOCMD forbade command substitution. This allows an attacker to attempt to pass dangerous commands via constructs of the above form, and bypass the WRDE_NOCMD flag. This update fixes the issue.

tags | advisory, shell
systems | linux, mandriva
advisories | CVE-2014-7817
MD5 | 7b3eb93ce346e1df90abd3ec9d6b0df9
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    9 Files
  • 23
    Aug 23rd
    3 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close