Описание
Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to "access files outside the home directory" and possibly execute arbitrary code via certain inputs that are not properly handled in a syslog call.
Ссылки
- Vendor Advisory
- Patch
- Patch
- Vendor Advisory
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:iron_bars_shell:iron_bars_shell:0.3a:*:*:*:*:*:*:*
cpe:2.3:a:iron_bars_shell:iron_bars_shell:0.3b:*:*:*:*:*:*:*
cpe:2.3:a:iron_bars_shell:iron_bars_shell:0.3c:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00886
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to "access files outside the home directory" and possibly execute arbitrary code via certain inputs that are not properly handled in a syslog call.
EPSS
Процентиль: 75%
0.00886
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other