Lucene search
CanonicalCVE-2009-0854HistoryMar 11, 2009 - 2:19 p.m.
CVE-2009-0854
2009-03-1114:19:15
CWE-78
canonical
web.nvd.nist.gov
33
cve-2009-0854
untrusted search path
dash 0.5.4
login shell
local users
arbitrary code
trojan horse
.profile
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.1
Confidence
High
EPSS
0
Percentile
5.2%
Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users to execute arbitrary code via a Trojan horse .profile file in the current working directory.
Affected configurations
Node
dashdashMatch0.5.4
Related
securityvulns
securityvulns
[USN-732-1] dash vulnerability
2009-03-12 00:00:00
dash privilege esclation
2009-03-12 00:00:00
cvelist
cvelist
CVE-2009-0854
2009-03-11 14:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-732-1)
2009-03-13 00:00:00
Ubuntu USN-732-1 (dash)
2009-03-13 00:00:00
Ubuntu USN-731-1 (apache2)
2009-03-13 00:00:00
ubuntucve
ubuntucve
CVE-2009-0854
2009-03-11 00:00:00
prion
prion
Design/Logic Flaw
2009-03-11 14:19:00
nvd
nvd
CVE-2009-0854
2009-03-11 14:19:15
nessus
nessus
Ubuntu 8.04 LTS / 8.10 : dash vulnerability (USN-732-1)
2009-04-23 00:00:00
debiancve
debiancve
CVE-2009-0854
2009-03-11 14:19:15
ubuntu
ubuntu
dash vulnerability
2009-03-10 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.1
Confidence
High
EPSS
0
Percentile
5.2%
Related for CVE-2009-0854