FreeBSD : bash -- out-of-bounds memory access in parser (4a4e9f88-491c-11e4-ae2c-c80aa9043978)

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

RedHat security team reports :

It was discovered that the fixed-sized redir_stack could be forced to
overflow in the Bash parser, resulting in memory corruption, and
possibly leading to arbitrary code execution when evaluating untrusted
input that would not otherwise be run as code.

An off-by-one error was discovered in the way Bash was handling deeply
nested flow control constructs. Depending on the layout of the .bss
segment, this could allow arbitrary execution of code that would not
otherwise be executed by Bash.

See also :

https://access.redhat.com/security/cve/CVE-2014-7186
http://www.nessus.org/u?ca59dc1d

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 78002 ()

Bugtraq ID:

CVE ID: CVE-2014-7186
CVE-2014-7187

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now