Oval Definition:oval:org.opensuse.security:def:20148517
Revision Date:2022-06-30Version:1
Title:CVE-2014-8517
Description:

The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-8517
Mitre CVE-2014-8517
SUSE CVE-2014-8517
openSUSE-SU-2014:1383-1
Platform(s):openSUSE 13.1
openSUSE 13.2
openSUSE Leap 15.0
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap 42.1
openSUSE Leap 42.2
openSUSE Leap 42.3
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE 13.1 is installed
  • AND tnftp-20100108-2.4.1 is installed
    • Definition Synopsis
  • openSUSE 13.2 is installed
  • AND tnftp-20130505-4.4.1 is installed
    • Definition Synopsis
  • openSUSE Leap 42.1 is installed
  • AND Package Information
  • tnftp-20141104-2.2 is installed
  • AND tnftp is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • tnftp-20141104-3.3 is installed
  • AND tnftp is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • tnftp-20141104-5 is installed
  • AND tnftp is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • tnftp-20151004-lp150.1 is installed
  • AND tnftp is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND tnftp-20151004-1.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • tnftp-20151004-bp153.1.16 is installed
  • AND tnftp is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.4 is installed
  • AND Package Information
  • tnftp-20151004-bp154.2.20 is installed
  • AND tnftp is signed with openSUSE key
    • BACK