Oliver Kiddle

**Name of the Vulnerable Software and Affected Versions** ksh version 20120801 **Description** A flaw was found in the way ksh evaluates certain environment variables, allowing an attacker to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely. **Recommendations** For ksh version 20120801, consider restricting the use of environment variables that could be exploited by remote attackers until a patch is available. As a temporary workaround, limit the ability of services and applications to accept environment variables from unauthenticated sources. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Zsh versions prior to 5.4.2-test-1 **Description** The issue is related to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path, leading to code execution in the context of the user who tries to use autocomplete to traverse the mentioned path. If the affected user is privileged, this results in privilege escalation. The exploitation of this issue may allow an attacker to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For versions prior to 5.4.2-test-1, update to version 5.4.2-test-1 or later to resolve the issue. As a temporary workaround, consider disabling the autocomplete functionality until a patch is available. Restrict access to sensitive directories to minimize the risk of exploitation.