Lucene search
Veracode Vulnerability DatabaseVERACODE:25233HistoryMay 10, 2020 - 11:21 p.m.
Denial Of Service (DoS)
2020-05-1023:21:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.0004 Low
EPSS
Percentile
5.1%
zsh is vulnerable to denial of service (DoS). The vulnerability exists through a stack-based buffer overflow in the exec.c:hashcmd() function.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zsh:3.4 | eq | 5.2-r1 | |
| zsh:stretch | eq | 5.3.1-4+b3 | |
| zsh:3.4 | eq | 5.2-r1 | |
| zsh:stretch | eq | 5.3.1-4+b3 |
References
www.securityfocus.com/bid/103359
access.redhat.com/errata/RHSA-2018:3073
access.redhat.com/security/cve/CVE-2018-1071
bugzilla.redhat.com/show_bug.cgi?id=1553531
lists.debian.org/debian-lts-announce/2018/03/msg00038.html
lists.debian.org/debian-lts-announce/2020/12/msg00000.html
security.gentoo.org/glsa/201805-10
usn.ubuntu.com/3608-1/
Related
debiancve
debiancve
CVE-2018-1071
2018-03-09 15:29:00
osv
osv
CVE-2018-1071
2018-03-09 15:29:00
zsh - security update
2018-03-31 00:00:00
zsh - security update
2020-11-30 00:00:00
prion
prion
Stack overflow
2018-03-09 15:29:00
cvelist
cvelist
CVE-2018-1071
2018-03-09 15:00:00
cve
cve
CVE-2018-1071
2018-03-09 15:29:00
redhatcve
redhatcve
CVE-2018-1071
2018-03-09 02:49:27
ubuntucve
ubuntucve
CVE-2018-1071
2018-03-09 00:00:00
nvd
nvd
CVE-2018-1071
2018-03-09 15:29:00
alpinelinux
alpinelinux
CVE-2018-1071
2018-03-09 15:29:00
ubuntu
ubuntu
Zsh vulnerabilities
2018-03-27 00:00:00
nessus
nessus
Debian DLA-1335-1 : zsh security update
2018-04-02 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Zsh vulnerabilities (USN-3608-1)
2018-03-29 00:00:00
Amazon Linux 2 : zsh (ALAS-2018-1013)
2018-05-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3608-1)
2018-10-26 00:00:00
Debian: Security Advisory (DLA-1335-1)
2018-04-01 00:00:00
Mageia: Security Advisory (MGASA-2018-0206)
2022-01-28 00:00:00
mageia
mageia
Updated zsh packages fix security vulnerabilities
2018-04-20 20:24:13
debian
debian
[SECURITY] [DLA 1335-1] zsh security update
2018-03-31 22:19:22
[SECURITY] [DLA 2470-1] zsh security update
2020-12-01 03:35:30
fedora
fedora
[SECURITY] Fedora 28 Update: zsh-5.5-1.fc28
2018-04-17 00:24:00
[SECURITY] Fedora 27 Update: zsh-5.4.1-3.fc27
2018-05-05 22:28:53
[SECURITY] Fedora 27 Update: zsh-5.4.1-4.fc27
2018-09-14 21:54:37
suse
suse
Security update for zsh (moderate)
2018-07-06 00:07:46
Security update for zsh (important)
2018-10-02 12:07:57
Security update for zsh (important)
2018-04-25 18:07:15
amazon
amazon
Medium: zsh
2018-05-10 17:23:00
Medium: zsh
2018-12-06 00:20:00
slackware
slackware
[slackware-security] zsh
2019-01-14 04:33:07
gentoo
gentoo
Zsh: Multiple vulnerabilities
2018-05-26 00:00:00
redhat
redhat
(RHSA-2018:3073) Moderate: zsh security and bug fix update
2018-10-30 04:16:11
centos
centos
zsh security update
2018-11-15 18:54:22
oraclelinux
oraclelinux
zsh security and bug fix update
2018-11-05 00:00:00
rapid7blog
rapid7blog
Driver-Based Attacks: Past and Present
2021-12-13 14:00:00