logo
DATABASE RESOURCES PRICING ABOUT US

Amazon Linux 2 : bash (ALAS-2020-1503)

Description

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1503 advisory. - rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. (CVE-2019-9924) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related