ID de Prueba:	1.3.6.1.4.1.25623.1.0.871874
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for bash RHSA-2017:1931-01
Resumen:	The remote host is missing an update for the 'bash'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'bash' package(s) announced via the referenced advisory. Vulnerability Insight: The bash packages provide Bash (Bourne-again shell), which is the default shell for Red Hat Enterprise Linux. Security Fix(es): * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. (CVE-2016-0634) * An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances. (CVE-2016-7543) * A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session. (CVE-2016-9401) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section. Affected Software/OS: bash on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0634 BugTraq ID: 92999 http://www.securityfocus.com/bid/92999 https://security.gentoo.org/glsa/201612-39 http://www.openwall.com/lists/oss-security/2016/09/16/8 http://www.openwall.com/lists/oss-security/2016/09/16/12 http://www.openwall.com/lists/oss-security/2016/09/18/11 http://www.openwall.com/lists/oss-security/2016/09/19/7 http://www.openwall.com/lists/oss-security/2016/09/20/1 http://www.openwall.com/lists/oss-security/2016/09/27/9 http://www.openwall.com/lists/oss-security/2016/09/29/27 http://www.openwall.com/lists/oss-security/2016/10/07/6 http://www.openwall.com/lists/oss-security/2016/10/10/3 http://www.openwall.com/lists/oss-security/2016/10/10/4 RedHat Security Advisories: RHSA-2017:0725 http://rhn.redhat.com/errata/RHSA-2017-0725.html RedHat Security Advisories: RHSA-2017:1931 https://access.redhat.com/errata/RHSA-2017:1931 Common Vulnerability Exposure (CVE) ID: CVE-2016-7543 BugTraq ID: 93183 http://www.securityfocus.com/bid/93183 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7XOQSHU63Y357NHU5FPTFBM6I3YOCQB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OU3C756YPHDAAPFX76UGZBAQQQ5UMHS5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2VRBSIPZDZ75ZQ2DLITHUIDW4W26KVR/ https://security.gentoo.org/glsa/201701-02 https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00018.html http://www.openwall.com/lists/oss-security/2016/09/26/9 http://www.securitytracker.com/id/1037812 Common Vulnerability Exposure (CVE) ID: CVE-2016-9401 BugTraq ID: 94398 http://www.securityfocus.com/bid/94398 https://lists.debian.org/debian-lts-announce/2019/03/msg00028.html http://www.openwall.com/lists/oss-security/2016/11/17/9 http://www.openwall.com/lists/oss-security/2016/11/17/5
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.