oval:org.mitre.oval:def:27981
Definition Id: oval:org.mitre.oval:def:27981 | |||
Oval ID: | oval:org.mitre.oval:def:27981 | ||
Title: | SUSE-SU-2014:1259-1 -- bash (important) | ||
Description: | The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances (CVE-2014-7169). Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 and it is less serious due to the special, non-default system configuration that is needed to create an exploitable situation. To remove further exploitation potential we now limit the function-in-environment variable to variables prefixed with BASH_FUNC_ . This hardening feature is work in progress and might be improved in later updates. Additionaly two more security issues were fixed in bash: CVE-2014-7186: Nested HERE documents could lead to a crash of bash. CVE-2014-7187: Nesting of for loops could lead to a crash of bash. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1259-1 CVE-2014-7169 CVE-2014-6271 CVE-2014-7186 CVE-2014-7187 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28211 | |||
Oval ID: | oval:org.mitre.oval:def:28211 | ||
Title: | SUSE Linux Enterprise Server 12 is installed | ||
Description: | SUSE Linux Enterprise Server 12 is installed. | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:novell:suse_linux:12::server | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 12 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:27981 |
Definition Id: oval:org.mitre.oval:def:28148 | |||
Oval ID: | oval:org.mitre.oval:def:28148 | ||
Title: | SUSE Linux Enterprise Desktop 12 is installed | ||
Description: | SUSE Linux Enterprise Desktop 12 is installed. | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:suse:suse_linux:12::desktop | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 12 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:27981 oval:org.mitre.oval:def:27981 |