F5 Networks BIG-IP : GNU C Library (glibc) vulnerability (SOL16010)
Medium Nessus Plugin ID 86008
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing '$((`...`))'.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution SOL16010.