CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-8605
https://notcve.org/view.php?id=CVE-2016-8605
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. This is fixed in Guile 2.0.13. Prior versions are affected. • http://www.openwall.com/lists/oss-security/2016/10/12/1 http://www.securityfocus.com/bid/93510 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QTAGSDCTYXTABAA77BQJGNKOOBRV4DK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNVE5N24FLWDYBQ3LAFMF6BFCWKDO7VM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UJP5S36GTXMDEBXWF6LKKV76DSLNQG44 • CWE-275: Permission Issues •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-8606
https://notcve.org/view.php?id=CVE-2016-8606
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack. El servidor REPL (--listen) en GNU Guile 2.0.12 permite a un atacante ejecutar código arbitrario a través de un ataque interprotocolo HTTP. • http://www.openwall.com/lists/oss-security/2016/10/12/2 http://www.securityfocus.com/bid/93514 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QTAGSDCTYXTABAA77BQJGNKOOBRV4DK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNVE5N24FLWDYBQ3LAFMF6BFCWKDO7VM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UJP5S36GTXMDEBXWF6LKKV76DSLNQG44 • CWE-284: Improper Access Control •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-7543 – bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution
https://notcve.org/view.php?id=CVE-2016-7543
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. Bash en versiones anteriores a 4.4 permite a usuarios locales ejecutar comandos arbitrarios con privilegios root a través de variables de entorno SHELLOPTS y PS4 manipuladas. An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances. • http://rhn.redhat.com/errata/RHSA-2017-0725.html http://www.openwall.com/lists/oss-security/2016/09/26/9 http://www.securityfocus.com/bid/93183 http://www.securitytracker.com/id/1037812 https://access.redhat.com/errata/RHSA-2017:1931 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05388115 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7XOQSHU63Y357NHU5FPTFBM6I3YOCQB https://lists.fedoraproject.org/archives/list&#x • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 0CVE-2016-9401 – bash: popd controlled free
https://notcve.org/view.php?id=CVE-2016-9401
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. popd en bash podrían permitir a usuarios locales eludir el shell restringido y provocar un uso después de liberación de memoria a través de una dirección manipulada. A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session. • http://rhn.redhat.com/errata/RHSA-2017-0725.html http://www.openwall.com/lists/oss-security/2016/11/17/5 http://www.openwall.com/lists/oss-security/2016/11/17/9 http://www.securityfocus.com/bid/94398 https://access.redhat.com/errata/RHSA-2017:1931 https://lists.debian.org/debian-lts-announce/2019/03/msg00028.html https://security.gentoo.org/glsa/201701-02 https://access.redhat.com/security/cve/CVE-2016-9401 https://bugzilla.redhat.com/show_bug.cgi?id=1396383 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2016-0634 – bash: Arbitrary code execution via malicious hostname
https://notcve.org/view.php?id=CVE-2016-0634
The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine. La expansión de \h en la línea de comandos en bash 4.3 permite a los usuarios autenticados remotos ejecutar código arbitrario mediante metacaracteres shell ubicados en 'hostname' de la máquina. An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. • http://rhn.redhat.com/errata/RHSA-2017-0725.html http://www.openwall.com/lists/oss-security/2016/09/16/12 http://www.openwall.com/lists/oss-security/2016/09/16/8 http://www.openwall.com/lists/oss-security/2016/09/18/11 http://www.openwall.com/lists/oss-security/2016/09/19/7 http://www.openwall.com/lists/oss-security/2016/09/20/1 http://www.openwall.com/lists/oss-security/2016/09/27/9 http://www.openwall.com/lists/oss-security/2016/09/29& • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •