English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.882030
Categoría:CentOS Local Security Checks
Título:CentOS Update for bash CESA-2014:1293 centos7
Resumen:The remote host is missing an update for the 'bash'; package(s) announced via the referenced advisory.
Descripción:Summary:
The remote host is missing an update for the 'bash'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The GNU Bourne Again shell (Bash) is a shell
and command language interpreter compatible with the Bourne shell (sh). Bash is
the default shell for Red Hat Enterprise Linux.

A flaw was found in the way Bash evaluated certain specially crafted
environment variables. An attacker could use this flaw to override or
bypass environment restrictions to execute shell commands. Certain
services and applications allow remote unauthenticated attackers to
provide environment variables, allowing them to exploit this issue.
(CVE-2014-6271)

For additional information on the CVE-2014-6271 flaw, refer to the
Knowledgebase article linked at the references.

Red Hat would like to thank Stephane Chazelas for reporting this issue.

All bash users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.

Affected Software/OS:
bash on CentOS 7

Solution:
Please install the updated packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-6271
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
BugTraq ID: 70103
http://www.securityfocus.com/bid/70103
Bugtraq: 20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/533593/100/0/threaded
Cert/CC Advisory: TA14-268A
http://www.us-cert.gov/ncas/alerts/TA14-268A
CERT/CC vulnerability note: VU#252743
http://www.kb.cert.org/vuls/id/252743
Cisco Security Advisory: 20140926 GNU Bash Environmental Variable Command Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
Debian Security Information: DSA-3032 (Google Search)
http://www.debian.org/security/2014/dsa-3032
https://www.exploit-db.com/exploits/34879/
https://www.exploit-db.com/exploits/37816/
https://www.exploit-db.com/exploits/38849/
https://www.exploit-db.com/exploits/39918/
https://www.exploit-db.com/exploits/40619/
https://www.exploit-db.com/exploits/40938/
https://www.exploit-db.com/exploits/42938/
http://seclists.org/fulldisclosure/2014/Oct/0
HPdes Security Advisory: HPSBGN03117
http://marc.info/?l=bugtraq&m=141216207813411&w=2
HPdes Security Advisory: HPSBGN03138
http://marc.info/?l=bugtraq&m=141330468527613&w=2
HPdes Security Advisory: HPSBGN03141
http://marc.info/?l=bugtraq&m=141383304022067&w=2
HPdes Security Advisory: HPSBGN03142
http://marc.info/?l=bugtraq&m=141383244821813&w=2
HPdes Security Advisory: HPSBGN03233
http://marc.info/?l=bugtraq&m=142118135300698&w=2
HPdes Security Advisory: HPSBHF03119
http://marc.info/?l=bugtraq&m=141216668515282&w=2
HPdes Security Advisory: HPSBHF03124
http://marc.info/?l=bugtraq&m=141235957116749&w=2
HPdes Security Advisory: HPSBHF03125
http://marc.info/?l=bugtraq&m=141345648114150&w=2
HPdes Security Advisory: HPSBHF03145
http://marc.info/?l=bugtraq&m=141383465822787&w=2
HPdes Security Advisory: HPSBHF03146
http://marc.info/?l=bugtraq&m=141383353622268&w=2
HPdes Security Advisory: HPSBMU03133
http://marc.info/?l=bugtraq&m=141330425327438&w=2
HPdes Security Advisory: HPSBMU03143
http://marc.info/?l=bugtraq&m=141383026420882&w=2
HPdes Security Advisory: HPSBMU03144
http://marc.info/?l=bugtraq&m=141383081521087&w=2
HPdes Security Advisory: HPSBMU03165
http://marc.info/?l=bugtraq&m=141577137423233&w=2
HPdes Security Advisory: HPSBMU03182
http://marc.info/?l=bugtraq&m=141585637922673&w=2
HPdes Security Advisory: HPSBMU03217
http://marc.info/?l=bugtraq&m=141879528318582&w=2
HPdes Security Advisory: HPSBMU03220
http://marc.info/?l=bugtraq&m=142721162228379&w=2
HPdes Security Advisory: HPSBMU03245
http://marc.info/?l=bugtraq&m=142358026505815&w=2
HPdes Security Advisory: HPSBMU03246
http://marc.info/?l=bugtraq&m=142358078406056&w=2
HPdes Security Advisory: HPSBOV03228
http://marc.info/?l=bugtraq&m=142113462216480&w=2
HPdes Security Advisory: HPSBST03122
http://marc.info/?l=bugtraq&m=141319209015420&w=2
HPdes Security Advisory: HPSBST03129
http://marc.info/?l=bugtraq&m=141383196021590&w=2
HPdes Security Advisory: HPSBST03131
http://marc.info/?l=bugtraq&m=141383138121313&w=2
HPdes Security Advisory: HPSBST03148
http://marc.info/?l=bugtraq&m=141694386919794&w=2
HPdes Security Advisory: HPSBST03154
http://marc.info/?l=bugtraq&m=141577297623641&w=2
HPdes Security Advisory: HPSBST03155
http://marc.info/?l=bugtraq&m=141576728022234&w=2
HPdes Security Advisory: HPSBST03157
http://marc.info/?l=bugtraq&m=141450491804793&w=2
HPdes Security Advisory: HPSBST03181
http://marc.info/?l=bugtraq&m=141577241923505&w=2
HPdes Security Advisory: HPSBST03195
http://marc.info/?l=bugtraq&m=142805027510172&w=2
HPdes Security Advisory: HPSBST03196
http://marc.info/?l=bugtraq&m=142719845423222&w=2
HPdes Security Advisory: HPSBST03265
http://marc.info/?l=bugtraq&m=142546741516006&w=2
HPdes Security Advisory: SSRT101711
HPdes Security Advisory: SSRT101739
HPdes Security Advisory: SSRT101742
HPdes Security Advisory: SSRT101816
HPdes Security Advisory: SSRT101819
HPdes Security Advisory: SSRT101827
HPdes Security Advisory: SSRT101868
http://jvn.jp/en/jp/JVN55667175/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164
http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html
http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html
http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html
http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html
http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html
http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html
https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006
RedHat Security Advisories: RHSA-2014:1293
http://rhn.redhat.com/errata/RHSA-2014-1293.html
RedHat Security Advisories: RHSA-2014:1294
http://rhn.redhat.com/errata/RHSA-2014-1294.html
RedHat Security Advisories: RHSA-2014:1295
http://rhn.redhat.com/errata/RHSA-2014-1295.html
RedHat Security Advisories: RHSA-2014:1354
http://rhn.redhat.com/errata/RHSA-2014-1354.html
http://secunia.com/advisories/58200
http://secunia.com/advisories/59272
http://secunia.com/advisories/59737
http://secunia.com/advisories/59907
http://secunia.com/advisories/60024
http://secunia.com/advisories/60034
http://secunia.com/advisories/60044
http://secunia.com/advisories/60055
http://secunia.com/advisories/60063
http://secunia.com/advisories/60193
http://secunia.com/advisories/60325
http://secunia.com/advisories/60433
http://secunia.com/advisories/60947
http://secunia.com/advisories/61065
http://secunia.com/advisories/61128
http://secunia.com/advisories/61129
http://secunia.com/advisories/61188
http://secunia.com/advisories/61283
http://secunia.com/advisories/61287
http://secunia.com/advisories/61291
http://secunia.com/advisories/61312
http://secunia.com/advisories/61313
http://secunia.com/advisories/61328
http://secunia.com/advisories/61442
http://secunia.com/advisories/61471
http://secunia.com/advisories/61485
http://secunia.com/advisories/61503
http://secunia.com/advisories/61542
http://secunia.com/advisories/61547
http://secunia.com/advisories/61550
http://secunia.com/advisories/61552
http://secunia.com/advisories/61565
http://secunia.com/advisories/61603
http://secunia.com/advisories/61633
http://secunia.com/advisories/61641
http://secunia.com/advisories/61643
http://secunia.com/advisories/61654
http://secunia.com/advisories/61676
http://secunia.com/advisories/61700
http://secunia.com/advisories/61703
http://secunia.com/advisories/61711
http://secunia.com/advisories/61715
http://secunia.com/advisories/61780
http://secunia.com/advisories/61816
http://secunia.com/advisories/61855
http://secunia.com/advisories/61857
http://secunia.com/advisories/61873
http://secunia.com/advisories/62228
http://secunia.com/advisories/62312
http://secunia.com/advisories/62343
SuSE Security Announcement: SUSE-SU-2014:1212 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html
SuSE Security Announcement: SUSE-SU-2014:1213 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html
SuSE Security Announcement: SUSE-SU-2014:1223 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html
SuSE Security Announcement: SUSE-SU-2014:1260 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html
SuSE Security Announcement: SUSE-SU-2014:1287 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html
SuSE Security Announcement: openSUSE-SU-2014:1226 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html
SuSE Security Announcement: openSUSE-SU-2014:1238 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html
SuSE Security Announcement: openSUSE-SU-2014:1254 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html
SuSE Security Announcement: openSUSE-SU-2014:1308 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html
SuSE Security Announcement: openSUSE-SU-2014:1310 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html
http://www.ubuntu.com/usn/USN-2362-1
CopyrightCopyright (C) 2014 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.