This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for bash fixes the following security issues :
- CVE-2016-7543: Local attackers could have executed
arbitrary commands via specially crafted SHELLOPTS+PS4
- CVE-2016-0634: Malicious hostnames could have allowed
arbitrary command execution when $HOSTNAME was expanded
in the prompt (bsc#1000396)
This update also fixes the following bugs :
- fix a crash found during debugging boo#971410
- boo#976776: crash if ~/.bash_history is empty
See also :
Update the affected bash packages.
Risk factor :
High / CVSS Base Score : 7.2