Lucene search
PRIOn knowledge basePRION:CVE-2015-1815HistoryMar 30, 2015 - 2:59 p.m.
Design/Logic Flaw
2015-03-3014:59:00
PRIOn knowledge base
www.prio-n.com
3
The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fedora | eq | 22 | |
| setroubleshoot | le | 3.2.21 |
References
rhn.redhat.com/errata/RHSA-2015-0729.html
www.openwall.com/lists/oss-security/2015/03/26/1
www.osvdb.org/119966
www.securityfocus.com/bid/73374
bugzilla.redhat.com/show_bug.cgi?id=1203352
bugzilla.redhat.com/show_bug.cgi?id=1206050
github.com/stealth/troubleshooter
lists.fedoraproject.org/pipermail/package-announce/2015-April/154427.html
lists.fedoraproject.org/pipermail/package-announce/2015-April/154444.html
lists.fedoraproject.org/pipermail/package-announce/2015-March/154147.html
www.exploit-db.com/exploits/36564/
Related
cvelist
cvelist
CVE-2015-1815
2015-03-30 14:00:00
openvas
openvas
CentOS Update for setroubleshoot CESA-2015:0729 centos7
2015-04-01 00:00:00
Oracle: Security Advisory (ELSA-2015-0729)
2015-10-06 00:00:00
Fedora Update for setroubleshoot FEDORA-2015-4792
2015-07-07 00:00:00
centos
centos
setroubleshoot security update
2015-03-26 23:21:26
fedora
fedora
[SECURITY] Fedora 20 Update: setroubleshoot-3.2.17-2.fc20
2015-04-08 06:56:03
[SECURITY] Fedora 21 Update: setroubleshoot-3.2.22-1.fc21
2015-04-08 06:58:54
[SECURITY] Fedora 22 Update: setroubleshoot-3.2.22-1.fc22
2015-03-31 21:59:08
ubuntucve
ubuntucve
CVE-2015-1815
2015-03-30 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:05:06
nessus
nessus
Oracle Linux 5 / 6 / 7 : setroubleshoot (ELSA-2015-0729)
2015-03-27 00:00:00
Fedora 21 : setroubleshoot-3.2.22-1.fc21 (2015-4838)
2015-04-09 00:00:00
oraclelinux
oraclelinux
setroubleshoot security update
2015-03-26 00:00:00
f5
f5
K16428 : setroubleshoot vulnerability CVE-2015-1815
2015-04-13 00:00:00
SOL16428 - setroubleshoot vulnerability CVE-2015-1815
2015-04-13 00:00:00
redhat
redhat
(RHSA-2015:0729) Important: setroubleshoot security update
2015-03-26 00:00:00
cve
cve
CVE-2015-1815
2015-03-30 14:59:03
nvd
nvd
CVE-2015-1815
2015-03-30 14:59:03