3 results (0.020 seconds)

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=302412 http://www.redhat.com/support/errata/RHSA-2005-377.html http://www.securityfocus.com/bid/12981 https://bugzilla.ubuntu.com/show_bug.cgi?id=8459 https://exchange.xforce.ibmcloud.com/vulnerabilities/19957 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9613 https://usn.ubuntu.com/104-1 https://access.redhat.com/security/cve/CVE-2005-0990 https://bugzilla.redhat.com/show_bug.cgi?id=16 •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 1

Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument. • http://marc.info/?l=bugtraq&m=108137386310299&w=2 http://www.redhat.com/support/errata/RHSA-2005-377.html http://www.securityfocus.com/archive/1/359639 http://www.securityfocus.com/bid/10066 https://bugzilla.fedora.us/show_bug.cgi?id=2155 https://exchange.xforce.ibmcloud.com/vulnerabilities/15759 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11722 https://access.redhat.com/security/cve/CVE-2004-1772 https://bugzilla.redhat.com/show_bug.c •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar. • http://security.gentoo.org/glsa/glsa-200410-01.xml http://www.redhat.com/support/errata/RHSA-2005-377.html http://www.securityfocus.com/bid/11298 https://bugzilla.fedora.us/show_bug.cgi?id=2155 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11093 https://access.redhat.com/security/cve/CVE-2004-1773 https://bugzilla.redhat.com/show_bug.cgi?id=1617418 •