Mandriva Linux Security Advisory : bash (MDVSA-2012:128)

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.

Synopsis :

The remote Mandriva Linux host is missing one or more security

Description :

A vulnerability was found and corrected in bash :

A stack-based buffer overflow flaw was found in the way bash, the GNU
Bourne Again shell, expanded certain /dev/fd file names when checking
file names ('test' command) and evaluating /dev/fd file names in
conditinal command expressions. A remote attacker could provide a
specially crafted Bash script that, when executed, would cause the
bash executable to crash (CVE-2012-3410).

Additionally the official patches 011 to 037 for bash-4.2 has been
applied which resolves other issues found, including the CVE-2012-3410

See also :

Solution :

Update the affected bash and / or bash-doc packages.

Risk factor :

Medium / CVSS Base Score : 4.6

Family: Mandriva Local Security Checks

Nessus Plugin ID: 61977 ()

Bugtraq ID:

CVE ID: CVE-2012-3410

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now