VYPR

rpm package

suse/bash&distro=SUSE Linux Enterprise Workstation Extension 12 SP3

pkg:rpm/suse/bash&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3

Vulnerabilities (3)

  • CVE-2019-9924HigMar 22, 2019
    affected < 4.3-83.23.1fixed 4.3-83.23.1

    rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.

  • CVE-2016-0634HigAug 28, 2017
    affected < 4.3-83.10.1fixed 4.3-83.10.1

    The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.

  • CVE-2016-7543HigJan 19, 2017
    affected < 4.3-83.10.1fixed 4.3-83.10.1

    Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.