Bash Exploits

459 exploits tracked across all sources.

Sort: Activity Stars
CVE-2000-0013 EXPLOITDB bash VERIFIED
IRIX soundplayer - Privilege Escalation
IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.
by Loneguard
CVE-2000-0009 EXPLOITDB bash VERIFIED
Optivity NETarchitect - Command Injection
The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.
by Loneguard
CVE-1999-1109 EXPLOITDB bash VERIFIED
Sendmail <8.10.0 - DoS
Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.
by Michal Zalewski
CVE-1999-0864 EXPLOITDB bash VERIFIED
UnixWare - Local Privilege Escalation
UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.
by Brock Tellier
CVE-2000-0362 EXPLOITDB bash VERIFIED
Suse Linux - Buffer Overflow
Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges.
by Brock Tellier
CVE-1999-1477 EXPLOITDB bash VERIFIED
Gnome Libs - Buffer Overflow
Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack.
by Brock Tellier
CVE-1999-0906 EXPLOITDB bash VERIFIED
Suse Linux - Buffer Overflow
Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable.
by Brock Tellier
CVE-1999-0786 EXPLOITDB bash VERIFIED
Solaris - Local File Creation
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
by Steve Mynott
CVE-1999-0689 EXPLOITDB bash VERIFIED
CDE dtspcd < - Command Injection
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
by Job de Haas of ITSX
CVE-1999-0888 EXPLOITDB bash VERIFIED
Oracle Intelligent Agent - Privilege Escalation
dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script.
by Brock Tellier
CVE-1999-0710 EXPLOITDB bash VERIFIED
Squid - Open Redirect
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
by fsaa
EIP-2026-103537 EXPLOITDB bash VERIFIED
Lotus Domino 4.6.1/4.6.4 Notes - SMTPA MTA Mail Relay
by Robert Lister
CVE-1999-1412 EXPLOITDB bash VERIFIED
Apple MacOS X 1.0 - Apache HTTP Server - DoS
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
by Juergen Schmidt
CVE-1999-0767 EXPLOITDB bash VERIFIED
SUN Solaris - Buffer Overflow
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
by UNYUN@ShadowPenguinSecurity
CVE-1999-1566 EXPLOITDB bash VERIFIED
Intel Iparty < 1.2 - Buffer Overflow
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
by wh00t
EIP-2026-102939 EXPLOITDB bash VERIFIED
Oracle 8 - File Access
by Kevin Wenchel
CVE-1999-0350 EXPLOITDB bash VERIFIED
ClearCase - Privilege Escalation
Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits.
by Mudge
CVE-1999-0442 EXPLOITDB bash VERIFIED
Solaris ff.core - Privilege Escalation
Solaris ff.core allows local users to modify files.
by John McDonald
CVE-1999-0388 EXPLOITDB bash VERIFIED
DataLynx suGuard - Command Injection
DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root.
by Dr. Mudge
CVE-1999-0051 EXPLOITDB bash VERIFIED
IRIX <5.0 - Code Injection
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
by Joel Eriksson
CVE-2000-0077 EXPLOITDB bash VERIFIED
HP-UX - Privilege Escalation
The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.
by Loneguard
CVE-1999-0314 EXPLOITDB bash VERIFIED
ioconfig on SGI IRIX 6.4 S2MP - Privilege Escalation
ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.
by Loneguard
CVE-1999-1191 EXPLOITDB bash VERIFIED
Solaris 2.5.1 - Privilege Escalation
Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
by Joe Zbiciak
EIP-2026-102327 EXPLOITDB bash VERIFIED
SGI IRIX 6.2 - 'day5notifier' Local Privilege Escalation
by Mike Neuman
CVE-1999-1410 EXPLOITDB bash VERIFIED
IRIX <6.2 - Privilege Escalation
addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.
by Jaechul Choe
By Source
All 459 Exploitdb 50,123 Writeup 46,591 Nomisec 21,116 Metasploit 3,189 Github 2,221 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,726 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 256 c++ 245 shell 67 go 41 postscript 25 xml 24