Mandriva Linux Security Advisory : bash (MDVSA-2013:032)
Medium Nessus Plugin ID 66046
The remote Mandriva Linux host is missing one or more security updates.
A vulnerability was found and corrected in bash : A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names ('test' command) and evaluating /dev/fd file names in conditinal command expressions. A remote attacker could provide a specially crafted Bash script that, when executed, would cause the bash executable to crash (CVE-2012-3410). Additionally the official patches 011 to 037 for bash-4.2 has been applied which resolves other issues found, including the CVE-2012-3410 vulnerability. NOTE: This advisory was previousely given the MDVSA-2013:019 identifier by mistake.
Update the affected bash and / or bash-doc packages.