GNU Coreutils 6.8

CPE Details

GNU Coreutils 6.8
gnu
coreutils
6.8
2009-12-14
17h16 +00:00
2017-01-04
19h02 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:gnu:coreutils:6.8:*:*:*:*:*:*:*

Informations

Vendor

gnu

Product

coreutils

Version

6.8

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2015-4042 2020-01-24 15h59 +00:00 Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings.
9.8
Critical
CVE-2017-18018 2018-01-04 03h00 +00:00 In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
4.7
Medium
CVE-2016-2781 2017-02-07 14h00 +00:00 chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
6.5
Medium
CVE-2014-9471 2015-01-16 15h00 +00:00 The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command.
7.5
CVE-2009-4135 2009-12-11 15h00 +00:00 The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp.
4.4