Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-1396

Опубликовано: 24 янв. 2015
Источник: redhat
CVSS2: 3.6

Описание

A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5patchNot affected
Red Hat Enterprise Linux 6patchNot affected
Red Hat Enterprise Linux 7patchNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-22
https://bugzilla.redhat.com/show_bug.cgi?id=1186764patch: directory traversal via symlinks (incomplete fix for CVE-2015-1196)

3.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-1396

CVSS3: 7.5
ubuntu
около 6 лет назад

A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.

nvd логотип

CVE-2015-1396

CVSS3: 7.5
nvd
около 6 лет назад

A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.

debian логотип

CVE-2015-1396

CVSS3: 7.5
debian
около 6 лет назад

A Directory Traversal vulnerability exists in the GNU patch before 2.7 ...

github логотип

GHSA-37cv-ggjj-37qh

github
больше 3 лет назад

A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.

suse-cvrf логотип

SUSE-SU-2015:1019-1

suse-cvrf
больше 10 лет назад

Security update for patch

3.6 Low

CVSS2