PT-2014-9011 · Gnu+3 · Gnu Coreutils+3

Fiedler Roman

Publicado

2014-12-31

Atualizado

2020-12-08

CVE-2014-9471

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions GNU coreutils (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted date string. This can be achieved by providing a specifically crafted string, such as "--date=TZ="123"345" @1", to the touch or date command.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2015-1847

CVE-2014-9471

MGASA-2015-0029

SUSE-SU-2015:0792-1

SUSE-SU-2015_0792-1

USN-2473-1

Produtos afetados

Alt Linux

Gnu Coreutils

Suse

Ubuntu

PT-2014-9011 · Gnu+3 · Gnu Coreutils+3

CVE-2014-9471

Identificadores relacionados

Produtos afetados

Referências · 38