CVE-2016-0634

Опубликовано: 28 авг. 2017

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 6

CVSS3: 7.5

Описание

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.

Релиз	Статус	Примечание
artful	not-affected	4.4-2ubuntu1
bionic	not-affected	4.4-2ubuntu1
cosmic	not-affected	4.4-2ubuntu1
devel	not-affected	4.4-2ubuntu1
disco	not-affected	4.4-2ubuntu1
eoan	not-affected	4.4-2ubuntu1
esm-infra-legacy/trusty	released	4.3-7ubuntu1.7
esm-infra/bionic	not-affected	4.4-2ubuntu1
esm-infra/focal	not-affected	4.4-2ubuntu1
esm-infra/xenial	released	4.3-14ubuntu1.2

Показывать по

Ссылки на источники

EPSS

Процентиль: 80%

0.01448

Низкий

6 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2016-0634

CVSS3: 4.9

redhat

около 10 лет назад

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.

CVE-2016-0634

CVSS3: 7.5

nvd

около 8 лет назад

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.

CVE-2016-0634

CVSS3: 7.5

debian

около 8 лет назад

The expansion of '\h' in the prompt string in bash 4.3 allows remote a ...

GHSA-h2ww-3j54-pccx

CVSS3: 7.5

github

больше 3 лет назад

The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.

openSUSE-SU-2018:1419-1

suse-cvrf

больше 7 лет назад

Security update for bash

EPSS

Процентиль: 80%

0.01448

Низкий

6 Medium

CVSS2

7.5 High

CVSS3

CVE-2016-0634

Описание

Пакет bash

Ссылки на источники

Связанные уязвимости