SuSE 11.3 Security Update : bash (SAT Patch Number 9740)

critical Nessus Plugin ID 77850


The remote SuSE 11 host is missing one or more security updates.


bash has been updated to fix a critical security issue.

In some circumstances, the shell would evaluate shellcode in environment variables passed at startup time. This allowed code execution by local or remote attackers who could pass environment variables to bash scripts. (CVE-2014-6271)


Apply SAT patch number 9740.

See Also

Plugin Details

Severity: Critical

ID: 77850

File Name: suse_11_bash-140919.nasl

Version: 1.14

Type: local

Agent: unix

Published: 9/25/2014

Updated: 1/31/2022

Supported Sensors: Nessus Agent

Risk Information


Risk Factor: Critical

Score: 9.5


Risk Factor: Critical

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:bash, p-cpe:/a:novell:suse_linux:11:bash-doc, p-cpe:/a:novell:suse_linux:11:libreadline5, p-cpe:/a:novell:suse_linux:11:libreadline5-32bit, p-cpe:/a:novell:suse_linux:11:readline-doc, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/19/2014

CISA Known Exploited Dates: 7/28/2022

Exploitable With

Core Impact

Metasploit (Apache mod_cgi Bash Environment Variable Code Injection (Shellshock))

Reference Information

CVE: CVE-2014-6271

IAVA: 2014-A-0142