oval:org.mitre.oval:def:27981

Definition Id: oval:org.mitre.oval:def:27981

Oval ID:	oval:org.mitre.oval:def:27981
Title:	SUSE-SU-2014:1259-1 -- bash (important)
Description:	The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances (CVE-2014-7169). Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 and it is less serious due to the special, non-default system configuration that is needed to create an exploitable situation. To remove further exploitation potential we now limit the function-in-environment variable to variables prefixed with BASH_FUNC_ . This hardening feature is work in progress and might be improved in later updates. Additionaly two more security issues were fixed in bash: CVE-2014-7186: Nested HERE documents could lead to a crash of bash. CVE-2014-7187: Nesting of for loops could lead to a crash of bash.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1259-1 CVE-2014-7169 CVE-2014-6271 CVE-2014-7186 CVE-2014-7187	Version:	3
Platform(s):	SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12	Product(s):
Definition Synopsis:
SUSE Linux Enterprise Server 12 and SUSE Linux Enterprise Desktop 12 release section Operation system section SUSE Linux Enterprise Server 12 is installed AND SUSE Linux Enterprise Desktop 12 is installed Packages match section bash-doc is earlier than 0:4.2-81.1 AND readline-doc is earlier than 0:6.2-81.1 AND SUSE Linux Enterprise Desktop 12 release section SUSE Linux Enterprise Desktop 12 is installed Packages match section bash is earlier than 0:4.2-81.1 AND bash-debuginfo is earlier than 0:4.2-81.1 AND bash-debugsource is earlier than 0:4.2-81.1 AND libreadline6 is earlier than 0:6.2-81.1 AND libreadline6-debuginfo is earlier than 0:6.2-81.1 AND bash-lang is earlier than 0:4.2-81.1

Definition Id: oval:org.mitre.oval:def:28211

Oval ID:	oval:org.mitre.oval:def:28211
Title:	SUSE Linux Enterprise Server 12 is installed
Description:	SUSE Linux Enterprise Server 12 is installed.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:novell:suse_linux:12::server	Version:	3
Platform(s):	SUSE Linux Enterprise Server 12	Product(s):
Definition Synopsis:
SUSE Linux Enterprise Server 12 is installed
Referenced By:
oval:org.mitre.oval:def:27981

Definition Id: oval:org.mitre.oval:def:28148

Oval ID:	oval:org.mitre.oval:def:28148
Title:	SUSE Linux Enterprise Desktop 12 is installed
Description:	SUSE Linux Enterprise Desktop 12 is installed.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:suse:suse_linux:12::desktop	Version:	3
Platform(s):	SUSE Linux Enterprise Desktop 12	Product(s):
Definition Synopsis:
SUSE Linux Enterprise Desktop 12 is installed
Referenced By:
oval:org.mitre.oval:def:27981 oval:org.mitre.oval:def:27981

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0260s

Facebook rss twitter linkedin mail