Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
archlinuxArch LinuxASA-201501-24
HistoryJan 28, 2015 - 12:00 a.m.

patch: multiple issues

2015-01-2800:00:00
Arch Linux
lists.archlinux.org
32

EPSS

0.01

Percentile

83.8%

JSON
  • CVE-2015-1196 (directory traversal)

A directory traversal flaw was discovered that allows remote attackers
to write to arbitrary files via a symlink attack in a patch file. This
could allow an attacker to overwrite arbitrary files by applying a
specially crafted patch, with the privileges of the user running patch.

  • CVE-2014-9637 (denial of service)

It was reported that a crafted patch file can consume all available
memory and later segfault resulting in denial of service.

OSVersionArchitecturePackageVersionFilename
anyanyanypatch< 2.7.3-1UNKNOWN

Related

openvas 14
fedora 4
nessus 15
mageia 1
securityvulns 3
nvd 3
cve 3
ubuntucve 3
prion 3
debiancve 3
cvelist 3
ubuntu 1
slackware 1
osv 1
rosalinux 1
suse 1
openvas
openvas
Fedora Update for patch FEDORA-2015-3556
2015-03-24 00:00:00
Fedora Update for patch FEDORA-2015-1553
2015-02-06 00:00:00
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2019-2428)
2020-01-23 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: patch-2.7.4-1.fc21
2015-02-05 05:23:20
[SECURITY] Fedora 21 Update: patch-2.7.5-1.fc21
2015-03-23 07:13:16
[SECURITY] Fedora 21 Update: patch-2.7.3-1.fc21
2015-01-30 23:54:24
nessus
nessus
EulerOS 2.0 SP5 : patch (EulerOS-SA-2019-1982)
2019-09-24 00:00:00
Fedora 20 : patch-2.7.5-1.fc20 (2015-1165)
2015-04-07 00:00:00
Mandriva Linux Security Advisory : patch (MDVSA-2015:050)
2015-03-19 00:00:00
mageia
mageia
Updated patch packages fix security vulnerabilities
2015-02-17 21:38:13
securityvulns
securityvulns
[ MDVSA-2015:050 ] patch
2015-03-08 00:00:00
GNU patch security vulnerabilities
2015-06-29 00:00:00
[USN-2651-1] GNU patch vulnerabilities
2015-06-29 00:00:00
nvd
nvd
CVE-2014-9637
2017-08-25 18:29:00
CVE-2015-1196
2015-01-21 18:59:57
CVE-2015-1396
2019-11-25 16:15:12
cve
cve
CVE-2014-9637
2017-08-25 18:29:00
CVE-2015-1196
2015-01-21 18:59:57
CVE-2015-1396
2019-11-25 16:15:12
ubuntucve
ubuntucve
CVE-2014-9637
2014-12-31 00:00:00
CVE-2015-1196
2015-01-21 00:00:00
CVE-2015-1396
2015-01-28 00:00:00
prion
prion
Design/Logic Flaw
2017-08-25 18:29:00
Design/Logic Flaw
2015-01-21 18:59:00
Directory traversal
2019-11-25 16:15:00
debiancve
debiancve
CVE-2014-9637
2017-08-25 18:29:00
CVE-2015-1196
2015-01-21 18:59:57
CVE-2015-1396
2019-11-25 16:15:12
cvelist
cvelist
CVE-2014-9637
2017-08-25 18:00:00
CVE-2015-1196
2015-01-21 18:00:00
CVE-2015-1396
2019-11-25 15:44:16
ubuntu
ubuntu
GNU patch vulnerabilities
2015-06-22 00:00:00
slackware
slackware
[slackware-security] patch
2015-02-16 21:15:25
osv
osv
patch-2.7.5-1.112 on GA media
2024-06-15 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1946
2021-07-02 17:39:56
suse
suse
Security update for patch (important)
2018-05-07 21:07:23

EPSS

0.01

Percentile

83.8%

JSON
Related for ASA-201501-24
openvas14fedora4nessus15mageia1securityvulns3nvd3cve3ubuntucve3prion3debiancve3cvelist3ubuntu1slackware1osv1rosalinux1suse1