FreeBSD : bash -- out-of-bounds memory access in parser (4a4e9f88-491c-11e4-ae2c-c80aa9043978)

Critical Nessus Plugin ID 78002


The remote FreeBSD host is missing one or more security-related updates.


RedHat security team reports :

It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.

An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.


Update the affected packages.

See Also

Plugin Details

Severity: Critical

ID: 78002

File Name: freebsd_pkg_4a4e9f88491c11e4ae2cc80aa9043978.nasl

Version: 1.7

Type: local

Published: 2014/10/01

Updated: 2018/11/21

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:bash, p-cpe:/a:freebsd:freebsd:bash-static, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2014/10/01

Vulnerability Publication Date: 2014/09/25

Reference Information

CVE: CVE-2014-7186, CVE-2014-7187

IAVA: 2014-A-0142