Announcement Announcement Module
Collapse
No announcement yet.
Bash specially-crafted environment variables code injection attack Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Bash specially-crafted environment variables code injection attack

    A new vulnerability was discovered, details are here:

    https://securityblog.redhat.com/2014...ection-attack/

    Red Hat has released patched versions of Bash that fix CVE-2014-7169. Information regarding these updates can be found in the errata. All customers are strongly encouraged to apply the update as this flaw is being actively attacked in the wild.
    Fedora has also released a patched version of Bash that fixes CVE-2014-7169.

    In order to update to the most recent version of the Bash package run the following command:

    Code:
    # yum update bash
    Specify the package name in order to update to a particular version of Bash. For example, to update a Red Hat Enterprise Linux 6.5 system run:

    Code:
    # yum update bash-4.1.2-15.el6_5.1

    Diagnostic Steps
    ----------------

    To determine if a system is affected by this vulnerability, review the version of Bash:

    Code:
    # rpm -qa bash
Tag Cloud Tag Cloud Module
Collapse
Working...
X