OracleVM 2.2 : bash (OVMSA-2014-0020)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote OracleVM host is missing a security update.

Description :

The remote OracleVM system is missing necessary patches to address
critical security updates :

- Check for fishy environment Resolves: #1141644

- Fixed a bug that caused trap handlers to be executed
recursively, corrupting internal data structures.
Resolves: #964753

- Don't include backup files Resolves: #700157

- Use `mktemp' for temporary files Resolves: #700157

- Added man page references to systemwide .bash_logout
Resolves: #592979

- Readline glitch, when editing line with more spaces and
resizing window Resolves: #525474

- Fix the memory leak in read builtin Resolves: #618393

- Don't append slash to non-directories Resolves: #583919

- Test .dynamic section if has PROGBITS or NOBITS
Resolves: #484809

- Better random number generator Resolves: #492908

- Allow to source scripts with embeded NULL chars
Resolves: #503701

- vi mode redo insert fixed Resolves: #575076

- Don't show broken pipe messages for builtins Resolves:
#546529

- Don't include loadables in doc dir Resolves: #663656

- Enable system-wide .bash_logout for login shells
Resolves: #592979

- Don't abort source builtin Resolves: #448508

- Correctly place cursor Resolves: #463880

- Minor man page clarification for trap builtin Resolves:
#504904

See also :

http://www.nessus.org/u?d09838a9

Solution :

Update the affected bash package.

Risk factor :

High

Family: OracleVM Local Security Checks

Nessus Plugin ID: 78236 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now