CentOS Local Security Checks : CentOS Update for bash CESA-2011:1073 centos5 x86

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.881347

Category: CentOS Local Security Checks

Title: CentOS Update for bash CESA-2011:1073 centos5 x86_64

Summary: The remote host is missing an update for the 'bash'; package(s) announced via the referenced advisory.

Description: Summary:
The remote host is missing an update for the 'bash'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Bash is the default shell for Red Hat Enterprise Linux.

It was found that certain scripts bundled with the Bash documentation
created temporary files in an insecure way. A malicious, local user could
use this flaw to conduct a symbolic link attack, allowing them to overwrite
the contents of arbitrary files accessible to the victim running the
scripts. (CVE-2008-5374)

This update fixes the following bugs:

* When using the source builtin at location '.', occasionally, bash
opted to preserve internal consistency and abort scripts. This caused
bash to abort scripts that assigned values to read-only variables.
This is now fixed to ensure that such scripts are now executed as
written and not aborted. (BZ#448508)

* When the tab key was pressed for auto-completion options for the typed
text, the cursor moved to an unexpected position on a previous line if
the prompt contained characters that cannot be viewed and a '\]'. This
is now fixed to retain the cursor at the expected position at the end of
the target line after autocomplete options correctly display. (BZ#463880)

* Bash attempted to interpret the NOBITS .dynamic section of the ELF
header. This resulted in a '^D: bad ELF interpreter: No such
file or directory' message. This is fixed to ensure that the invalid
'^D' does not appear in the error message. (BZ#484809)

* The $RANDOM variable in Bash carried over values from a previous
execution for later jobs. This is fixed and the $RANDOM variable
generates a new random number for each use. (BZ#492908)

* When Bash ran a shell script with an embedded null character, bash's
source builtin parsed the script incorrectly. This is fixed and
bash's source builtin correctly parses shell script null characters.
(BZ#503701)

* The bash manual page for 'trap' did not mention that signals ignored upon
entry cannot be listed later. The manual page was updated for this update
and now specifically notes that 'Signals ignored upon entry to the shell
cannot be trapped, reset or listed'. (BZ#504904)

* Bash's readline incorrectly displayed additional text when resizing
the terminal window when text spanned more than one line, which caused
incorrect display output. This is now fixed to ensure that text in more
than one line in a resized window displays as expected. (BZ#525474)

* Previously, bash incorrectly displayed 'Broken pipe' messages for
builtins like 'echo' and 'printf' when output did not succeed due to
EPIPE. This is fixed t ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
bash on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-5374
BugTraq ID: 32733
http://www.securityfocus.com/bid/32733
http://security.gentoo.org/glsa/glsa-201210-05.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:004
http://uvw.ru/report.sid.txt
http://lists.debian.org/debian-devel/2008/08/msg00347.html
http://www.redhat.com/support/errata/RHSA-2011-0261.html
http://www.redhat.com/support/errata/RHSA-2011-1073.html
http://secunia.com/advisories/43365
http://secunia.com/advisories/51086
http://www.vupen.com/english/advisories/2011/0414

Copyright Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.881347
Category:	CentOS Local Security Checks
Title:	CentOS Update for bash CESA-2011:1073 centos5 x86_64
Summary:	The remote host is missing an update for the 'bash'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'bash' package(s) announced via the referenced advisory. Vulnerability Insight: Bash is the default shell for Red Hat Enterprise Linux. It was found that certain scripts bundled with the Bash documentation created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files accessible to the victim running the scripts. (CVE-2008-5374) This update fixes the following bugs: * When using the source builtin at location '.', occasionally, bash opted to preserve internal consistency and abort scripts. This caused bash to abort scripts that assigned values to read-only variables. This is now fixed to ensure that such scripts are now executed as written and not aborted. (BZ#448508) * When the tab key was pressed for auto-completion options for the typed text, the cursor moved to an unexpected position on a previous line if the prompt contained characters that cannot be viewed and a '\]'. This is now fixed to retain the cursor at the expected position at the end of the target line after autocomplete options correctly display. (BZ#463880) * Bash attempted to interpret the NOBITS .dynamic section of the ELF header. This resulted in a '^D: bad ELF interpreter: No such file or directory' message. This is fixed to ensure that the invalid '^D' does not appear in the error message. (BZ#484809) * The $RANDOM variable in Bash carried over values from a previous execution for later jobs. This is fixed and the $RANDOM variable generates a new random number for each use. (BZ#492908) * When Bash ran a shell script with an embedded null character, bash's source builtin parsed the script incorrectly. This is fixed and bash's source builtin correctly parses shell script null characters. (BZ#503701) * The bash manual page for 'trap' did not mention that signals ignored upon entry cannot be listed later. The manual page was updated for this update and now specifically notes that 'Signals ignored upon entry to the shell cannot be trapped, reset or listed'. (BZ#504904) * Bash's readline incorrectly displayed additional text when resizing the terminal window when text spanned more than one line, which caused incorrect display output. This is now fixed to ensure that text in more than one line in a resized window displays as expected. (BZ#525474) * Previously, bash incorrectly displayed 'Broken pipe' messages for builtins like 'echo' and 'printf' when output did not succeed due to EPIPE. This is fixed t ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: bash on CentOS 5 Solution: Please install the updated packages. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5374 BugTraq ID: 32733 http://www.securityfocus.com/bid/32733 http://security.gentoo.org/glsa/glsa-201210-05.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:004 http://uvw.ru/report.sid.txt http://lists.debian.org/debian-devel/2008/08/msg00347.html http://www.redhat.com/support/errata/RHSA-2011-0261.html http://www.redhat.com/support/errata/RHSA-2011-1073.html http://secunia.com/advisories/43365 http://secunia.com/advisories/51086 http://www.vupen.com/english/advisories/2011/0414
Copyright	Copyright (C) 2012 Greenbone AG