Vulnerabilities

CVE-2010-0002

by Fred · 14/01/2010

The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the –show-control-chars option in LS_OPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename.

Date published : 2010-01-14

https://qa.mandriva.com/show_bug.cgi?id=56882

http://www.mandriva.com/security/advisories?name=MDVSA-2010:004

Similar

Tags: Cybersecurity Alert