CVE-2023-38336

Опубликовано: 14 июл. 2023

Источник: ubuntu

Приоритет: medium

CVSS3: 9.8

Описание

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.

Релиз	Статус	Примечание
bionic	ignored	end of standard support
devel	DNE
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/xenial	needs-triage
focal	ignored	end of standard support, was needs-triage
jammy	needs-triage
kinetic	ignored	end of life, was needs-triage
lunar	ignored	end of life, was needs-triage

Показывать по

Ссылки на источники

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2023-38336

CVSS3: 9.8

nvd

больше 2 лет назад

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.

CVE-2023-38336

CVSS3: 9.8

debian

больше 2 лет назад

netkit-rcp in rsh-client 0.17-24 allows command injection via filename ...

GHSA-vg2g-72mx-mj33

CVSS3: 9.8

github

больше 2 лет назад

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.

9.8 Critical

CVSS3

CVE-2023-38336

Описание

Пакет netkit-rsh

Ссылки на источники

Связанные уязвимости