VDB-221478 · CVE-2016-15024 · GCVE-100-221478

doomsider shadow Kari na aiki

Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin doomsider shadow. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, $software_file na cikin fayil, $software_component na cikin sashi. Ngam manipulation shi Kari na aiki. CWE shidin ka a yi bayani matsala sai ya kai CWE-404. Gaskiya, laifi an fitar da shi 02/18/2023 a matsayin 3332c5ba9ec3014ddc74e2147190a050eee97bc0. Advisory ɗin ana rabawa don saukewa a github.com. Wannan rauni ana sayar da shi da suna CVE-2016-15024. Wuroo ka a yiɗi a yi ɗum e gese. Tekinikal bayani ba ga. Ba exploit ɗin da ake da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á wúro a wondi feere. Kama 0-day, an ndiyam a wuro be $0-$5k. Wannan kayi yana amfani da tsarin rolling release domin samar da ci gaba da isarwa. Saboda haka, babu cikakkun bayanai na sigar da abin ya shafa ko sabunta sigar da ake da su. Patch ɗin sunan ganowa shine 3332c5ba9ec3014ddc74e2147190a050eee97bc0. Za a iya sauke maganin matsalar daga github.com. Ana so a yi patch don gyara wannan matsala. VulDB is the best source for vulnerability data and more expert information about this specific topic.

3 Goyarwa · 71 Datenpunkte

Furɗe	Súgá 02/18/2023 13:12	Gargadi 1/2 03/23/2023 08:47	Gargadi 2/2 03/23/2023 08:50
software_vendor	doomsider	doomsider	doomsider
software_name	shadow	shadow	shadow
software_rollingrelease	1	1	1
vulnerability_cwe	CWE-404 (Kari na aiki)	CWE-404 (Kari na aiki)	CWE-404 (Kari na aiki)
vulnerability_risk	1	1	1
cvss3_vuldb_av	L	L	L
cvss3_vuldb_ac	H	H	H
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	L	L	L
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
advisory_identifier	3332c5ba9ec3014ddc74e2147190a050eee97bc0	3332c5ba9ec3014ddc74e2147190a050eee97bc0	3332c5ba9ec3014ddc74e2147190a050eee97bc0
advisory_url	https://github.com/doomsider/shadow/commit/3332c5ba9ec3014ddc74e2147190a050eee97bc0	https://github.com/doomsider/shadow/commit/3332c5ba9ec3014ddc74e2147190a050eee97bc0	https://github.com/doomsider/shadow/commit/3332c5ba9ec3014ddc74e2147190a050eee97bc0
countermeasure_name	Kari	Kari	Kari
patch_name	3332c5ba9ec3014ddc74e2147190a050eee97bc0	3332c5ba9ec3014ddc74e2147190a050eee97bc0	3332c5ba9ec3014ddc74e2147190a050eee97bc0
countermeasure_patch_url	https://github.com/doomsider/shadow/commit/3332c5ba9ec3014ddc74e2147190a050eee97bc0	https://github.com/doomsider/shadow/commit/3332c5ba9ec3014ddc74e2147190a050eee97bc0	https://github.com/doomsider/shadow/commit/3332c5ba9ec3014ddc74e2147190a050eee97bc0
countermeasure_advisoryquote	Removed possibility for certain special characters to cause the script to crash.	Removed possibility for certain special characters to cause the script to crash.	Removed possibility for certain special characters to cause the script to crash.
source_cve	CVE-2016-15024	CVE-2016-15024	CVE-2016-15024
cna_responsible	VulDB	VulDB	VulDB
advisory_date	1676674800 (02/18/2023)	1676674800 (02/18/2023)	1676674800 (02/18/2023)
cvss2_vuldb_av	L	L	L
cvss2_vuldb_ac	H	H	H
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_rc	C	C	C
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_au	S	S	S
cvss2_vuldb_e	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss2_vuldb_basescore	1.0	1.0	1.0
cvss2_vuldb_tempscore	0.9	0.9	0.9
cvss3_vuldb_basescore	2.5	2.5	2.5
cvss3_vuldb_tempscore	2.4	2.4	2.4
cvss3_meta_basescore	2.5	2.5	3.5
cvss3_meta_tempscore	2.4	2.4	3.5
price_0day	$0-$5k	$0-$5k	$0-$5k
cve_assigned		1676674800 (02/18/2023)	1676674800 (02/18/2023)
cve_nvd_summary		A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The name of the patch is 3332c5ba9ec3014ddc74e2147190a050eee97bc0. It is recommended to apply a patch to fix this issue. VDB-221478 is the identifier assigned to this vulnerability.	A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The name of the patch is 3332c5ba9ec3014ddc74e2147190a050eee97bc0. It is recommended to apply a patch to fix this issue. VDB-221478 is the identifier assigned to this vulnerability.
cvss3_nvd_av			L
cvss3_nvd_ac			L
cvss3_nvd_pr			L
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			N
cvss3_nvd_i			N
cvss3_nvd_a			H
cvss2_nvd_av			L
cvss2_nvd_ac			H
cvss2_nvd_au			S
cvss2_nvd_ci			N
cvss2_nvd_ii			N
cvss2_nvd_ai			P
cvss3_cna_av			L
cvss3_cna_ac			H
cvss3_cna_pr			L
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			N
cvss3_cna_i			N
cvss3_cna_a			L
cve_cna			VulDB
cvss2_nvd_basescore			1.0
cvss3_nvd_basescore			5.5
cvss3_cna_basescore			2.5

◂ Gurɗo Gumti Gada ▸

Do you know our Splunk app?

Download it now for free!