bash-3.2-33.AXS3.1
エラータID: AXSA:2014-548:01
リリース日:
2014/09/25 Thursday - 10:46
題名:
bash-3.2-33.AXS3.1
影響のあるチャネル:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- 現時点では CVE-2014-6271 の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2014-6271
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
追加情報:
N/A
ダウンロード:
Asianux Server 3 for x86
- bash-3.2-33.AXS3.1.i386.rpm
MD5: b1a7a3c312e4c82bad714bf3f4ca72e8
SHA-256: 5f620c3ca555fb6b540650e1a8c328dc3121e3c1b29954a65e0965a01e8619c0
Size: 1.79 MB
Asianux Server 3 for x86_64
- bash-3.2-33.AXS3.1.x86_64.rpm
MD5: 5ca0cbf1d3efe4cdc89219204ee7da25
SHA-256: 0a6cb06dd1c422f48cc0d18ebf57468173d899312918334cb62fab1a8163e4fd
Size: 1.81 MB