cvelistv5 - cve-2016-6903

CVE-2016-6903 (GCVE-0-2016-6903)

Vulnerability from cvelistv5 – Published: 2017-04-24 19:00 – Updated: 2024-08-06 01:43

Summary

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

Severity ?

No CVSS data available.

CWE

Assigner

debian

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=1369345	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/92591	vdb-entryx_refsource_BID
	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug…	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/0…	mailing-listx_refsource_MLIST
	https://github.com/ghantoos/lshell/issues/149	x_refsource_CONFIRM
	https://github.com/ghantoos/lshell/commit/e72dfcd…	x_refsource_CONFIRM
	https://github.com/ghantoos/lshell/pull/153/commi…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:43:38.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
          },
          {
            "name": "92591",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92591"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
          },
          {
            "name": "[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ghantoos/lshell/issues/149"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-24T18:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
        },
        {
          "name": "92591",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92591"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
        },
        {
          "name": "[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ghantoos/lshell/issues/149"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-6903",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
            },
            {
              "name": "92591",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92591"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
            },
            {
              "name": "[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
            },
            {
              "name": "https://github.com/ghantoos/lshell/issues/149",
              "refsource": "CONFIRM",
              "url": "https://github.com/ghantoos/lshell/issues/149"
            },
            {
              "name": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0",
              "refsource": "CONFIRM",
              "url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
            },
            {
              "name": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68",
              "refsource": "CONFIRM",
              "url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-6903",
    "datePublished": "2017-04-24T19:00:00",
    "dateReserved": "2016-08-22T00:00:00",
    "dateUpdated": "2024-08-06T01:43:38.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lshell_project:lshell:0.9.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EF0F461-1D41-493E-8F35-66E153E5CCCD\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.\"}, {\"lang\": \"es\", \"value\": \"Ishell 0.9.16 permite a usuarios remotos autenticados salir de un shell limitado y ejecutar comandos arbitrarios.\"}]",
      "id": "CVE-2016-6903",
      "lastModified": "2024-11-21T02:57:03.877",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.9, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.1, \"impactScore\": 6.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-04-24T19:59:00.377",
      "references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2016/08/22/17\", \"source\": \"security@debian.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/92591\", \"source\": \"security@debian.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946\", \"source\": \"security@debian.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1369345\", \"source\": \"security@debian.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0\", \"source\": \"security@debian.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ghantoos/lshell/issues/149\", \"source\": \"security@debian.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68\", \"source\": \"security@debian.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/08/22/17\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/92591\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1369345\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ghantoos/lshell/issues/149\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security@debian.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-6903\",\"sourceIdentifier\":\"security@debian.org\",\"published\":\"2017-04-24T19:59:00.377\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.\"},{\"lang\":\"es\",\"value\":\"Ishell 0.9.16 permite a usuarios remotos autenticados salir de un shell limitado y ejecutar comandos arbitrarios.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.9,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.1,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lshell_project:lshell:0.9.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EF0F461-1D41-493E-8F35-66E153E5CCCD\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2016/08/22/17\",\"source\":\"security@debian.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/92591\",\"source\":\"security@debian.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946\",\"source\":\"security@debian.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1369345\",\"source\":\"security@debian.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0\",\"source\":\"security@debian.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ghantoos/lshell/issues/149\",\"source\":\"security@debian.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68\",\"source\":\"security@debian.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/08/22/17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/92591\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1369345\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ghantoos/lshell/issues/149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}

FKIE_CVE-2016-6903

Vulnerability from fkie_nvd - Published: 2017-04-24 19:59 - Updated: 2025-04-20 01:37

Severity ?

9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

References

URL	Tags
security@debian.org	http://www.openwall.com/lists/oss-security/2016/08/22/17	Mailing List, Patch, Third Party Advisory
security@debian.org	http://www.securityfocus.com/bid/92591	Third Party Advisory, VDB Entry
security@debian.org	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946	Issue Tracking, Patch, Third Party Advisory
security@debian.org	https://bugzilla.redhat.com/show_bug.cgi?id=1369345	Issue Tracking, Patch
security@debian.org	https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0	Issue Tracking, Patch, Third Party Advisory
security@debian.org	https://github.com/ghantoos/lshell/issues/149	Issue Tracking, Patch, Third Party Advisory
security@debian.org	https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2016/08/22/17	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92591	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1369345	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/ghantoos/lshell/issues/149	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68	Issue Tracking, Patch, Third Party Advisory

Impacted products

	Vendor	Product	Version
	lshell_project	lshell	0.9.16

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:lshell_project:lshell:0.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EF0F461-1D41-493E-8F35-66E153E5CCCD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands."
    },
    {
      "lang": "es",
      "value": "Ishell 0.9.16 permite a usuarios remotos autenticados salir de un shell limitado y ejecutar comandos arbitrarios."
    }
  ],
  "id": "CVE-2016-6903",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-24T19:59:00.377",
  "references": [
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/92591"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ghantoos/lshell/issues/149"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/92591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ghantoos/lshell/issues/149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2016-06706

Vulnerability from cnvd - Published: 2016-08-25

Title

lshell安全绕过漏洞

Description

lshell是一套使用Python编写的用于控制使用者运行环境的shell命令。 lshell中存在安全绕过漏洞。攻击者可利用该漏洞绕过安全限制，执行未授权操作。

Severity

中

Patch Name

lshell安全绕过漏洞的补丁

Patch Description

lshell是一套使用Python编写的用于控制使用者运行环境的shell命令。 lshell中存在安全绕过漏洞。攻击者可利用该漏洞绕过安全限制，执行未授权操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： https://github.com/ghantoos/lshell

Reference

http://www.securityfocus.com/bid/92591

Impacted products

Name
Ghantoos lshell 0.9.16-1

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "92591"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-6903"
    }
  },
  "description": "lshell\u662f\u4e00\u5957\u4f7f\u7528Python\u7f16\u5199\u7684\u7528\u4e8e\u63a7\u5236\u4f7f\u7528\u8005\u8fd0\u884c\u73af\u5883\u7684shell\u547d\u4ee4\u3002\r\n\r\nlshell\u4e2d\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\uff0c\u6267\u884c\u672a\u6388\u6743\u64cd\u4f5c\u3002",
  "discovererName": "Salvatore Bonaccorso",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://github.com/ghantoos/lshell",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-06706",
  "openTime": "2016-08-25",
  "patchDescription": "lshell\u662f\u4e00\u5957\u4f7f\u7528Python\u7f16\u5199\u7684\u7528\u4e8e\u63a7\u5236\u4f7f\u7528\u8005\u8fd0\u884c\u73af\u5883\u7684shell\u547d\u4ee4\u3002\r\n\r\nlshell\u4e2d\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\uff0c\u6267\u884c\u672a\u6388\u6743\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "lshell\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Ghantoos lshell 0.9.16-1"
  },
  "referenceLink": "http://www.securityfocus.com/bid/92591",
  "serverity": "\u4e2d",
  "submitTime": "2016-08-24",
  "title": "lshell\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

CERTFR-2020-AVI-844

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Qnap. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Qnap	QuTS hero	QuTS hero versions antérieures à h4.5.1.1491 build 20201119
Qnap	N/A	QES versions antérieures à 2.1.1 Build 20201006
Qnap	QTS	QTS versions antérieures à 4.5.1.1495 build 20201123

References

Title

Publication Time

Tags

Bulletin de sécurité Qnap qsa-20-17 du 23 décembre 2020	None	vendor-advisory
Bulletin de sécurité Qnap qsa-20-19 du 23 décembre 2020	None	vendor-advisory
Bulletin de sécurité Qnap qsa-20-20 du 23 décembre 2020	None	vendor-advisory
Bulletin de sécurité Qnap qsa-20-18 du 23 décembre 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QuTS hero versions ant\u00e9rieures \u00e0 h4.5.1.1491 build 20201119",
      "product": {
        "name": "QuTS hero",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QES versions ant\u00e9rieures \u00e0 2.1.1 Build 20201006",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QTS versions ant\u00e9rieures \u00e0 4.5.1.1495 build 20201123",
      "product": {
        "name": "QTS",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-2499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2499"
    },
    {
      "name": "CVE-2020-2504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2504"
    },
    {
      "name": "CVE-2020-25847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25847"
    },
    {
      "name": "CVE-2020-2503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2503"
    },
    {
      "name": "CVE-2020-2505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2505"
    },
    {
      "name": "CVE-2016-6903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6903"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-844",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-12-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Qnap.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-17 du 23 d\u00e9cembre 2020",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-17"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-19 du 23 d\u00e9cembre 2020",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-19"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-20 du 23 d\u00e9cembre 2020",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-20"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-18 du 23 d\u00e9cembre 2020",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-18"
    }
  ]
}

CERTFR-2020-AVI-844

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Qnap	QuTS hero	QuTS hero versions antérieures à h4.5.1.1491 build 20201119
Qnap	N/A	QES versions antérieures à 2.1.1 Build 20201006
Qnap	QTS	QTS versions antérieures à 4.5.1.1495 build 20201123

References

Title

Publication Time

Tags

Bulletin de sécurité Qnap qsa-20-17 du 23 décembre 2020	None	vendor-advisory
Bulletin de sécurité Qnap qsa-20-19 du 23 décembre 2020	None	vendor-advisory
Bulletin de sécurité Qnap qsa-20-20 du 23 décembre 2020	None	vendor-advisory
Bulletin de sécurité Qnap qsa-20-18 du 23 décembre 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QuTS hero versions ant\u00e9rieures \u00e0 h4.5.1.1491 build 20201119",
      "product": {
        "name": "QuTS hero",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QES versions ant\u00e9rieures \u00e0 2.1.1 Build 20201006",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    },
    {
      "description": "QTS versions ant\u00e9rieures \u00e0 4.5.1.1495 build 20201123",
      "product": {
        "name": "QTS",
        "vendor": {
          "name": "Qnap",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-2499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2499"
    },
    {
      "name": "CVE-2020-2504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2504"
    },
    {
      "name": "CVE-2020-25847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25847"
    },
    {
      "name": "CVE-2020-2503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2503"
    },
    {
      "name": "CVE-2020-2505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2505"
    },
    {
      "name": "CVE-2016-6903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6903"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-844",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-12-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Qnap.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-17 du 23 d\u00e9cembre 2020",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-17"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-19 du 23 d\u00e9cembre 2020",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-19"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-20 du 23 d\u00e9cembre 2020",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-20"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-18 du 23 d\u00e9cembre 2020",
      "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-18"
    }
  ]
}

GHSA-VW92-QFR4-W98M

Vulnerability from github – Published: 2022-05-17 02:47 – Updated: 2022-05-17 02:47

Details

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

Severity ?

9.9 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-6903"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-24T19:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.",
  "id": "GHSA-vw92-qfr4-w98m",
  "modified": "2022-05-17T02:47:51Z",
  "published": "2022-05-17T02:47:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6903"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ghantoos/lshell/issues/149"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
    },
    {
      "type": "WEB",
      "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/92591"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2016-6903

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

Aliases

CVE-2016-6903

Aliases

CVE-2016-6903

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-6903",
    "description": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.",
    "id": "GSD-2016-6903",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-6903.html",
      "https://advisories.mageia.org/CVE-2016-6903.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-6903"
      ],
      "details": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.",
      "id": "GSD-2016-6903",
      "modified": "2023-12-13T01:21:23.155241Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@debian.org",
        "ID": "CVE-2016-6903",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
          },
          {
            "name": "92591",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/92591"
          },
          {
            "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946",
            "refsource": "CONFIRM",
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
          },
          {
            "name": "[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
          },
          {
            "name": "https://github.com/ghantoos/lshell/issues/149",
            "refsource": "CONFIRM",
            "url": "https://github.com/ghantoos/lshell/issues/149"
          },
          {
            "name": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0",
            "refsource": "CONFIRM",
            "url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
          },
          {
            "name": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68",
            "refsource": "CONFIRM",
            "url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:lshell_project:lshell:0.9.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-6903"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
            },
            {
              "name": "https://github.com/ghantoos/lshell/issues/149",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/ghantoos/lshell/issues/149"
            },
            {
              "name": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
            },
            {
              "name": "92591",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/92591"
            },
            {
              "name": "[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory",
                "Patch"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.1,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2017-04-27T19:14Z",
      "publishedDate": "2017-04-24T19:59Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-6903 (GCVE-0-2016-6903)

FKIE_CVE-2016-6903

CNVD-2016-06706

CERTFR-2020-AVI-844

Solution

CERTFR-2020-AVI-844

Solution

GHSA-VW92-QFR4-W98M

GSD-2016-6903

Tags

Sightings

Nomenclature