Описание
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | |
| devel | not-affected | |
| esm-apps/bionic | not-affected | |
| esm-apps/xenial | released | 0~20160408.ffea0a2c-2ubuntu0.2+esm3 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | not-affected | |
| focal | not-affected | |
| impish | not-affected | |
| jammy | not-affected | |
| kinetic | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | uses system openssl1.0 |
| devel | not-affected | uses system openssl1.1 |
| esm-apps/bionic | not-affected | uses system openssl1.0 |
| esm-apps/focal | not-affected | uses system openssl1.1 |
| esm-apps/jammy | released | 12.22.9~dfsg-1ubuntu3.1 |
| esm-apps/noble | not-affected | uses system openssl1.1 |
| esm-apps/xenial | not-affected | uses system openssl |
| esm-infra-legacy/trusty | not-affected | uses system openssl |
| focal | not-affected | uses system openssl1.1 |
| impish | not-affected | uses system openssl1.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.1.1-1ubuntu2.1~18.04.17 |
| devel | released | 3.0.2-0ubuntu2 |
| esm-infra-legacy/trusty | not-affected | 1.0.1f-1ubuntu2.27+esm10 |
| esm-infra/bionic | not-affected | 1.1.1-1ubuntu2.1~18.04.17 |
| esm-infra/focal | not-affected | 1.1.1f-1ubuntu2.13 |
| esm-infra/xenial | released | 1.0.2g-1ubuntu4.20+esm3 |
| fips-preview/jammy | released | 3.0.2-0ubuntu1.1 |
| fips-updates/bionic | released | 1.1.1-1ubuntu2.fips.2.1~18.04.17 |
| fips-updates/focal | released | 1.1.1f-1ubuntu2.fips.13.1 |
| fips-updates/jammy | released | 3.0.2-0ubuntu1.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.0.2n-1ubuntu5.9 |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 1.0.2n-1ubuntu5.9 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| lunar | DNE |
Показывать по
Ссылки на источники
EPSS
10 Critical
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
The c_rehash script does not properly sanitise shell metacharacters to ...
EPSS
10 Critical
CVSS2
9.8 Critical
CVSS3