oval:org.mitre.oval:def:26821

Definition Id: oval:org.mitre.oval:def:26821

Oval ID:	oval:org.mitre.oval:def:26821
Title:	SUSE-SU-2014:1214-1 -- Security update for bash
Description:	ash has been updated to fix a critical security issue. In some circumstances, the shell would evaluate shellcode in environment variables passed at startup time. This allowed code execution by local or remote attackers who could pass environment variables to bash scripts. (CVE-2014-6271) Additionally, the following bugs have been fixed: * Avoid possible buffer overflow when expanding the /dev/fd prefix with e.g. the test built-in. (CVE-2012-3410) * Enable workaround for changed behavior of sshd. (bnc#688469) Security Issues: * CVE-2014-6271 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271> * CVE-2012-3410 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1214-1 CVE-2014-6271 CVE-2012-3410 CVE-2014-0475	Version:	3
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):	bash
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed Packages match section bash RPM is earlier than 0:3.1-24.32.1 AND readline RPM is earlier than 0:5.1-24.32.1 AND readline-devel RPM is earlier than 0:5.1-24.32.1 AND readline-32bit RPM is earlier than 0:5.1-24.32.1 AND readline-devel-32bit RPM is earlier than 0:5.1-24.32.1

Definition Id: oval:org.mitre.oval:def:1368

Oval ID:	oval:org.mitre.oval:def:1368
Title:	SUSE Linux Enterprise Server 10 is installed
Description:	SUSE Linux Enterprise Server 10 is installed.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:novell:suse_linux:10::server	Version:	6
Platform(s):	SUSE Linux Enterprise Server 10	Product(s):
Definition Synopsis:
SUSE Linux Enterprise Server 10 is installed
Referenced By:
oval:org.mitre.oval:def:26821