|Category:||Debian Local Security Checks|
|Title:||Debian LTS: Security Advisory for ksh (DLA-2284-1)|
|Summary:||The remote host is missing an update for the 'ksh'; package(s) announced via the DLA-2284-1 advisory.|
The remote host is missing an update for the 'ksh'
package(s) announced via the DLA-2284-1 advisory.
A flaw was found in the way it evaluates certain
environment variables. An attacker could use this
flaw to override or bypass environment restrictions
to execute shell commands. Services and
applications that allow remote unauthenticated
attackers to provide one of those environment
variables could allow them to exploit this issue
'ksh' package(s) on Debian Linux.
For Debian 9 stretch, this problem has been fixed in version
We recommend that you upgrade your ksh packages.
Common Vulnerability Exposure (CVE) ID: CVE-2019-14868|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.