| Revision Date: | 2022-06-30 | Version: | 1 |
| Title: | CVE-2014-2905 |
| Description: |
fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | CVE-2014-2905
Mitre CVE-2014-2905
SUSE CVE-2014-2905
openSUSE-SU-2019:2177-1
openSUSE-SU-2019:2177-1
openSUSE-SU-2019:2188-1
openSUSE-SU-2019:2188-1
|
| Platform(s): | openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Package Hub for SUSE Linux Enterprise 12
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.0 is installed AND Package Information
fish3-3.0.0-lp150.3 is installed
AND fish3 is signed with openSUSE key
OR
fish3-devel-3.0.0-lp150.3 is installed
AND fish3-devel is signed with openSUSE key
|
| Definition Synopsis |
| openSUSE Leap 15.1 is installed
AND Package Information
fish3-3.0.0-lp151.2 is installed
AND fish3 is signed with openSUSE key
OR
fish3-devel-3.0.0-lp151.2 is installed
AND fish3-devel is signed with openSUSE key
|
| Definition Synopsis |
| SUSE Package Hub for SUSE Linux Enterprise 12 is installed
AND fish-2.2.0-6 is installed
|
| Definition Synopsis |
| openSUSE Tumbleweed is installed
AND fish-2.4.0-1.1 is installed
|
| Definition Synopsis |
| SUSE Package Hub for SUSE Linux Enterprise 12 is installed
AND fish-2.2.0-6.1 is installed
|