Detections
Analytics
Debian DSA-3035-1 : bash - security update
critical Nessus Plugin ID 77882
Language:
Synopsis
The remote Debian host is missing a security-related update.Description
Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into another environment (CVE-2014-7169 ). With this update prefix and suffix for environment variable names which contain shell functions are added as hardening measure.Additionally two out-of-bounds array accesses in the bash parser are fixed which were revealed in Red Hat's internal analysis for these issues and also independently reported by Todd Sabin.
Solution
Upgrade the bash packages.For the stable distribution (wheezy), these problems have been fixed in version 4.2+dfsg-0.1+deb7u3.
See Also
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762760
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762761
https://security-tracker.debian.org/tracker/CVE-2014-6271
https://security-tracker.debian.org/tracker/CVE-2014-7169
Plugin Details
Severity: Critical
ID: 77882
File Name: debian_DSA-3035.nasl
Version: 1.22
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 9/26/2014
Updated: 1/31/2022
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:debian:debian_linux:bash, cpe:/o:debian:debian_linux:7.0
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 9/25/2014
CISA Known Exploited Vulnerability Due Dates: 7/28/2022
Reference Information
CVE: CVE-2014-7169
BID: 70137
DSA: 3035