CVE-2016-6902

Опубликовано: 24 апр. 2017

Источник: debian

EPSS Низкий

Описание

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

Пакет	Статус	Версия исправления	Релиз	Тип
lshell	removed			package
lshell	not-affected		wheezy	package

https://github.com/ghantoos/lshell/issues/147
https://www.openwall.com/lists/oss-security/2016/08/22/15
As for 2016-08-23 https://github.com/ghantoos/lshell/issues/147#issuecomment-241366750 ist still
as well under the scope of CVE-2016-6902, until "there is further vendor followup
about issues/147" and possibly a new/additional CVE assignment.

EPSS

Процентиль: 83%

0.01989

Низкий

CVE-2016-6902

CVSS3: 9.9

ubuntu

почти 9 лет назад

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

CVE-2016-6902

CVSS3: 9.9

nvd

почти 9 лет назад

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

GHSA-f3r7-j2g2-9mjw

CVSS3: 9.9

github

больше 3 лет назад

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

EPSS

Процентиль: 83%

0.01989

Низкий