Oval Definition:oval:org.mitre.oval:def:13130
Revision Date:2014-06-30Version:19
Title:USN-732-1 -- dash vulnerability
Description:Wolfgang M. Reimer discovered that dash, when invoked as a login shell, would source .profile files from the current directory. Local users may be able to bypass security restrictions and gain root privileges by placing specially crafted .profile files where they might get sourced by other dash users.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0854
USN-732-1
USN-732-1
Platform(s):Ubuntu 8.04
Ubuntu 8.10
Product(s):dash
Definition Synopsis
  • Release section
  • Ubuntu 8.10 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND ash DPKG is earlier than 0.5.4-9ubuntu1.1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND dash DPKG is earlier than 0.5.4-9ubuntu1.1
  • OR Release section
  • Ubuntu 8.04 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND ash DPKG is earlier than 0.5.4-8ubuntu1.1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND dash DPKG is earlier than 0.5.4-8ubuntu1.1
  • BACK