rpm package
suse/bash&distro=SUSE Linux Enterprise Server 11 SP4
pkg:rpm/suse/bash&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-0634 | Hig | 7.5 | < 3.2-147.29.1 | 3.2-147.29.1 | Aug 28, 2017 | The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine. | |
| CVE-2016-9401 | Med | 5.5 | < 3.2-147.35.1 | 3.2-147.35.1 | Jan 23, 2017 | popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | |
| CVE-2016-7543 | Hig | 8.4 | < 3.2-147.29.1 | 3.2-147.29.1 | Jan 19, 2017 | Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. |
- affected < 3.2-147.29.1fixed 3.2-147.29.1
The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.
- affected < 3.2-147.35.1fixed 3.2-147.35.1
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
- affected < 3.2-147.29.1fixed 3.2-147.29.1
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.