Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2017-14176 - log back

CVE-2017-14176 edited at 04 Feb 2020 08:03:04

Severity

-	Unknown
+	High

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Arbitrary code execution

Description

+	Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.

References

+	https://bugs.launchpad.net/bzr/+bug/1710979

Notes

CVE-2017-14176 created at 21 Jan 2020 15:43:50