Solaris 10 (sparc) : 126546-10

This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is missing Sun Security Patch number 126546-10

Description :

Vulnerability in the Solaris component of Oracle Sun Systems Products
Suite (subcomponent: Bash). The supported version that is affected is
10. Easily exploitable vulnerability allows low privileged attacker
with logon to the infrastructure where Solaris executes to compromise
Solaris. Successful attacks require human interaction from a person
other than the attacker. Successful attacks of this vulnerability can
result in unauthorized update, insert or delete access to some of
Solaris accessible data.

See also :

https://getupdates.oracle.com/readme/126546-10

Solution :

You should install this patch for your system to be up-to-date.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Solaris Local Security Checks

Nessus Plugin ID: 62305 ()

Bugtraq ID: 70103
70137

CVE ID: CVE-2014-6271
CVE-2014-7169
CVE-2016-5480

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now