Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2012-3410
Description:Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix.
Test IDs: 1.3.6.1.4.1.25623.1.0.72120   1.3.6.1.4.1.25623.1.0.831716   1.3.6.1.4.1.25623.1.1.4.2012.0988.1   1.3.6.1.4.1.25623.1.1.4.2014.1214.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2012-3410
BugTraq ID: 54937
http://www.securityfocus.com/bid/54937
http://security.gentoo.org/glsa/glsa-201210-05.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2012:128
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278
http://www.openwall.com/lists/oss-security/2012/07/11/11
http://www.openwall.com/lists/oss-security/2012/07/11/22
http://www.openwall.com/lists/oss-security/2012/07/12/4
http://secunia.com/advisories/51086
SuSE Security Announcement: openSUSE-SU-2012:0898 (Google Search)
https://hermes.opensuse.org/messages/15227834
XForce ISS Database: bash-devfd-bo(77551)
https://exchange.xforce.ibmcloud.com/vulnerabilities/77551




© 1998-2021 E-Soft Inc. All rights reserved.