|Category:||SuSE Local Security Checks|
|Title:||SUSE: Security Advisory (SUSE-SU-2012:0988-1)|
|Summary:||The remote host is missing an update for the 'bash' package(s) announced via the SUSE-SU-2012:0988-1 advisory.|
The remote host is missing an update for the 'bash' package(s) announced via the SUSE-SU-2012:0988-1 advisory.
Parsing the /dev/fd prefix could have lead to a stack-based buffer overflow which could have been exploited by attackers to bypass security restrictions. This has been fixed.
Security Issue reference:
'bash' package(s) on SUSE Linux Enterprise Software Development Kit 11 SP2, SUSE Linux Enterprise Software Development Kit 11 SP1, SUSE Linux Enterprise Server 11 SP2, SUSE Linux Enterprise Server 11 SP1, SUSE Linux Enterprise Server 10 SP4, SUSE Linux Enterprise Desktop 11 SP2, SUSE Linux Enterprise Desktop 11 SP1, SUSE Linux Enterprise Desktop 10 SP4
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2012-3410|
BugTraq ID: 54937
SuSE Security Announcement: openSUSE-SU-2012:0898 (Google Search)
XForce ISS Database: bash-devfd-bo(77551)
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.