Slackware Linux update for bash

Published: 2017-09-08

Risk	High
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2016-0634 CVE-2016-7543
CWE-ID	CWE-20 CWE-77
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	Slackware Linux Operating systems & Components / Operating system
Vendor	Slackware

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Improper input validation

EUVDB-ID: #VU13103

Risk: High

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2016-0634

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The vulnerability exists in the expansion of 'h' in the prompt string due to insufficient validation of user-supplied input. A remote attacker can place shell metacharacters in 'hostname' of a machine and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package bash.

Vulnerable software versions

Slackware Linux: 13.1 - 14.2

CPE2.3

External links

https://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.503015

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Command injection

EUVDB-ID: #VU13104

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-7543

CWE-ID: CWE-77 - Command injection