Executive Summary
Summary | |
---|---|
Title | Bash: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201210-05 | First vendor Publication | 2012-10-20 |
Vendor | Gentoo | Last vendor Modification | 2012-10-20 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.9 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 3.4 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Two vulnerabilities have been found in Bash, the worst of which may allow execution of arbitrary code. Background Description * Bash example scripts do not handle temporary files securely (CVE-2008-5374). Impact A local attacker may be able to perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application or bypass shell access restrictions. Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201210-05.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201210-05.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
50 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:21954 | |||
Oval ID: | oval:org.mitre.oval:def:21954 | ||
Title: | RHSA-2011:1073: bash security, bug fix, and enhancement update (Low) | ||
Description: | bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1073-01 CESA-2011:1073 CVE-2008-5374 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | bash |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23045 | |||
Oval ID: | oval:org.mitre.oval:def:23045 | ||
Title: | ELSA-2011:1073: bash security, bug fix, and enhancement update (Low) | ||
Description: | bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1073-01 CVE-2008-5374 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | bash |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27689 | |||
Oval ID: | oval:org.mitre.oval:def:27689 | ||
Title: | DEPRECATED: ELSA-2011-1073 -- bash security, bug fix, and enhancement update (low) | ||
Description: | [3.2-32] - Dont include backup files Resolves: #700157 [3.2-31] - Use 'mktemp' for temporary files Resolves: #700157 [3.2-30] - Added man page references to systemwide .bash_logout Resolves: #592979 [3.2-29] - Readline glitch, when editing line with more spaces and resizing window Resolves: #525474 [3.2-28] - Fix the memory leak in read builtin Resolves: #618393 - Dont append slash to non-directories Resolves: #583919 [3.2-27] - Test .dynamic section if has PROGBITS or NOBITS Resolves: #484809 - Better random number generator Resolves: #492908 - Allow to source scripts with embeded NULL chars Resolves: #503701 [3.2-26] - vi mode redo insert fixed Resolves: #575076 - Dont show broken pipe messages for builtins Resolves: #546529 - Dont include loadables in doc dir Resolves: #663656 - Enable system-wide .bash_logout for login shells Resolves: #592979 [3.2-25] - Dont abort source builtin Resolves: #448508 - Correctly place cursor Resolves: #463880 - Minor man page clarification for trap builtin Resolves: #504904 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1073 CVE-2008-5374 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | bash |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2012-10-22 | Name : Gentoo Security Advisory GLSA 201210-05 (bash) File : nvt/glsa_201210_05.nasl |
2012-08-14 | Name : Mandriva Update for bash MDVSA-2012:128 (bash) File : nvt/gb_mandriva_MDVSA_2012_128.nasl |
2012-07-30 | Name : CentOS Update for bash CESA-2011:1073 centos5 x86_64 File : nvt/gb_CESA-2011_1073_bash_centos5_x86_64.nasl |
2011-09-23 | Name : CentOS Update for bash CESA-2011:1073 centos5 i386 File : nvt/gb_CESA-2011_1073_bash_centos5_i386.nasl |
2011-07-22 | Name : RedHat Update for bash RHSA-2011:1073-01 File : nvt/gb_RHSA-2011_1073-01_bash.nasl |
2011-02-18 | Name : RedHat Update for bash RHSA-2011:0261-01 File : nvt/gb_RHSA-2011_0261-01_bash.nasl |
2010-01-19 | Name : Mandriva Update for bash MDVSA-2010:004 (bash) File : nvt/gb_mandriva_MDVSA_2010_004.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
51690 | bash-doc Multiple Script Temporary File Symlink Arbitrary File Overwrite |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_bash_20141107.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1090.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-408.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2011-0261.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-032.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_bash-120713.nasl - Type : ACT_GATHER_INFO |
2012-10-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201210-05.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-128.nasl - Type : ACT_GATHER_INFO |
2012-08-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_bash-8217.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110216_bash_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110721_bash_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-09-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2011-1073.nasl - Type : ACT_GATHER_INFO |
2011-07-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1073.nasl - Type : ACT_GATHER_INFO |
2011-02-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0261.nasl - Type : ACT_GATHER_INFO |
2010-01-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-004.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:37:38 |
|