Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-0475

Опубликовано: 29 июл. 2014
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8

Описание

Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

РелизСтатусПримечание
devel

ignored

esm-infra-legacy/trusty

released

2.19-0ubuntu6.1
lucid

released

2.11.1-0ubuntu7.14
precise

released

2.15-0ubuntu10.6
saucy

ignored

end of life
trusty

released

2.19-0ubuntu6.1
trusty/esm

released

2.19-0ubuntu6.1
upstream

released

2.19-7

Показывать по

РелизСтатусПримечание
devel

released

2.19-10ubuntu1
esm-infra-legacy/trusty

DNE

lucid

DNE

precise

DNE

saucy

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

2.19-6

Показывать по

Ссылки на источники

EPSS

Процентиль: 53%
0.00307
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2014-0475

redhat
больше 11 лет назад

Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

nvd логотип

CVE-2014-0475

nvd
больше 11 лет назад

Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

debian логотип

CVE-2014-0475

debian
больше 11 лет назад

Multiple directory traversal vulnerabilities in GNU C Library (aka gli ...

github логотип

GHSA-5rvh-fh5r-rhfv

github
больше 3 лет назад

Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

oracle-oval логотип

ELSA-2014-1110

oracle-oval
около 11 лет назад

ELSA-2014-1110: glibc security update (IMPORTANT)

EPSS

Процентиль: 53%
0.00307
Низкий

6.8 Medium

CVSS2