Download
| Alert*
oval:org.secpod.oval:def:89002311
This update for bash fixes the following issues: Security issues fixed: - CVE-2016-7543: A code execution possibility via SHELLOPTS+PS4 variable was fixed - CVE-2016-0634: Arbitrary code execution via malicious hostname was fixed Non-security issues fixed: - Fix repeating self-calling of traps due ... oval:org.secpod.oval:def:89002479 This update for bash fixes the following issues: Security issues fixed: - CVE-2016-7543: A code execution possibility via SHELLOPTS+PS4 variable was fixed - CVE-2016-0634: Arbitrary code execution via malicious hostname was fixed Non-security issues fixed: - Fix repeating self-calling of traps due ... oval:org.secpod.oval:def:89044845 This update for bash fixes the following issues: - CVE-2016-7543: Local attackers could have executed arbitrary commands via specially crafted SHELLOPTS+PS4 variables. - CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when $HOSTNAME was expanded in the prompt. The ... oval:org.secpod.oval:def:204589 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ... oval:org.secpod.oval:def:2100678 Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. oval:org.secpod.oval:def:204694 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ... oval:org.secpod.oval:def:111437 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell . Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:1800197 Shells running as root inherited PS4 from the environment, allowing PS4 expansion performing command substitution. Local attacker could gain arbitrary code execution via bogus setuid binaries using system/popen by specially crafting SHELLOPTS+PS4 environment variables. Fixed In Version bash 4.4 oval:org.secpod.oval:def:111391 The GNU Bourne Again shell is a shell or command language interpreter that is compatible with the Bourne shell . Bash incorporates useful features from the Korn shell and the C shell . Most sh scripts can be run by bash without modification. oval:org.secpod.oval:def:1501804 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ... oval:org.secpod.oval:def:1800618 Shells running as root inherited PS4 from the environment, allowing PS4 expansion performing command substitution. Local attacker could gain arbitrary code execution via bogus setuid binaries using system/popen by specially crafting SHELLOPTS+PS4 environment variables. Fixed In Version: bash 4.4 oval:org.secpod.oval:def:502078 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ... oval:org.secpod.oval:def:51796 bash: GNU Bourne Again SHell Several security issues were fixed in Bash. oval:org.secpod.oval:def:502007 The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ... oval:org.secpod.oval:def:1600759 popd controlled free:A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session.Arbitrary code execution via malicious hostname:An arbitrary command inject ... oval:org.secpod.oval:def:703612 bash: GNU Bourne Again SHell Several security issues were fixed in Bash. oval:org.secpod.oval:def:1501960 The advisory is missing the security advisory description. For more information please visit the reference link |