The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.
History

Mon, 07 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2017-08-28T15:00:00

Updated: 2024-10-04T17:00:57.944Z

Reserved: 2015-12-09T00:00:00

Link: CVE-2016-0634

cve-icon Vulnrichment

Updated: 2024-08-05T22:22:55.842Z

cve-icon NVD

Status : Modified

Published: 2017-08-28T15:29:01.487

Modified: 2024-11-21T02:42:03.420

Link: CVE-2016-0634

cve-icon Redhat

Severity : Moderate

Publid Date: 2015-10-16T00:00:00Z

Links: CVE-2016-0634 - Bugzilla