FreeBSD : bash -- out-of-bounds memory access in parser (4a4e9f88-491c-11e4-ae2c-c80aa9043978)

critical Nessus Plugin ID 78002

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

RedHat security team reports :

It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.

An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.

Solution

Update the affected packages.

See Also

https://access.redhat.com/security/cve/cve-2014-7186

http://www.nessus.org/u?1a03f5a8

Plugin Details

Severity: Critical

ID: 78002

File Name: freebsd_pkg_4a4e9f88491c11e4ae2cc80aa9043978.nasl

Version: 1.9

Type: local

Published: 10/1/2014

Updated: 1/6/2021

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:bash, p-cpe:/a:freebsd:freebsd:bash-static, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/1/2014

Vulnerability Publication Date: 9/25/2014

Reference Information

CVE: CVE-2014-7186, CVE-2014-7187

IAVA: 2014-A-0142