|Category:||SuSE Local Security Checks|
|Title:||SUSE: Security Advisory (SUSE-SU-2017:0302-1)|
|Summary:||The remote host is missing an update for the 'bash' package(s) announced via the SUSE-SU-2017:0302-1 advisory.|
The remote host is missing an update for the 'bash' package(s) announced via the SUSE-SU-2017:0302-1 advisory.
This update for bash fixes the following issues:
- CVE-2016-7543: Local attackers could have executed arbitrary commands
via specially crafted SHELLOPTS+PS4 variables. (bsc#1001299)
- CVE-2016-0634: Malicious hostnames could have allowed arbitrary command
execution when $HOSTNAME was expanded in the prompt. (bsc#1000396)
The following bugs were fixed:
- bsc#971410: Scripts could terminate unexpectedly due to mishandled
- bsc#959755: Clarify that the files /etc/profile as well as
/etc/bash.bashrc may source
other files as well even if the bash does not.
'bash' package(s) on SUSE Linux Enterprise Software Development Kit 11-SP4, SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Debuginfo 11-SP4
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2016-0634|
BugTraq ID: 92999
RedHat Security Advisories: RHSA-2017:0725
RedHat Security Advisories: RHSA-2017:1931
Common Vulnerability Exposure (CVE) ID: CVE-2016-7543
BugTraq ID: 93183
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.