Exploit the possiblities
Showing 1 - 7 of 7 RSS Feed

CVE-2016-7543

Status Candidate

Overview

Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.

Related Files

Slackware Security Advisory - bash Updates
Posted Sep 12, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bash packages are available for Slackware 13.1, 13.37, 14.0, 14.1, and 14.2 to fix security issues.

tags | advisory, bash
systems | linux, slackware
advisories | CVE-2016-0634, CVE-2016-7543
MD5 | 37c29c06a445182064da2a64eea8733b
Red Hat Security Advisory 2017-1931-01
Posted Aug 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1931-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux. Security Fix: An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances.

tags | advisory, arbitrary, shell, local, bash
systems | linux, redhat
advisories | CVE-2016-0634, CVE-2016-7543, CVE-2016-9401
MD5 | 7c8a3a75d795ab44095ecd3d7c25724d
Ubuntu Security Notice USN-3294-2
Posted Aug 1, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3294-2 - USN-3294-1 fixed a vulnerability in Bash. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Bash incorrectly handled the SHELLOPTS and PS4 environment variables. A local attacker could use this issue to execute arbitrary code with root privileges. Various other issues were also addressed.

tags | advisory, arbitrary, local, root, bash
systems | linux, ubuntu
advisories | CVE-2016-7543
MD5 | b0ac786f800c2b1ae62c931c9a06d34e
Ubuntu Security Notice USN-3294-1
Posted May 18, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3294-1 - Bernd Dietzel discovered that Bash incorrectly expanded the hostname when displaying the prompt. If a remote attacker were able to modify a hostname, this flaw could be exploited to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. It was discovered that Bash incorrectly handled the SHELLOPTS and PS4 environment variables. A local attacker could use this issue to execute arbitrary code with root privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. Various other issues were also addressed.

tags | advisory, remote, arbitrary, local, root, bash
systems | linux, ubuntu
advisories | CVE-2016-0634, CVE-2016-7543, CVE-2016-9401, CVE-2017-5932
MD5 | 54aa1760f2b12db64932bc9acc879cd5
Red Hat Security Advisory 2017-0725-01
Posted Mar 21, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0725-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux. Security Fix: An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances.

tags | advisory, arbitrary, shell, local, bash
systems | linux, redhat
advisories | CVE-2016-0634, CVE-2016-7543, CVE-2016-9401
MD5 | 6b238477973e67226f55cc4cd86b4c4a
HP Security Bulletin HPESBNS03702 1
Posted Feb 13, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBNS03702 1 - Several potential security vulnerabilities have been discovered in the Bash Shell in NonStop OSS Core Utilities. The vulnerabilities allow local users to execute arbitrary commands with root privileges. Revision 1 of this advisory.

tags | advisory, arbitrary, shell, local, root, vulnerability, bash
advisories | CVE-2016-7543
MD5 | 6259680797a99e9a2aa05359b939652b
Gentoo Linux Security Advisory 201701-02
Posted Jan 2, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-2 - Multiple vulnerabilities were found in Bash, the worst of which may allow execution of arbitrary code. Versions less than 4.3_p48-r1 are affected.

tags | advisory, arbitrary, vulnerability, bash
systems | linux, gentoo
advisories | CVE-2016-7543, CVE-2016-9401
MD5 | 5ff062128ef6938a0bf330640f1fe030
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    6 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close