Lucene search
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.SOLARIS9_X86_149080-01.NASLHistorySep 26, 2014 - 12:00 a.m.
Solaris 9 (x86) : 149080-01
2014-09-2600:00:00
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
www.tenable.com
29
0.976 High
EPSS
Percentile
100.0%
SunOS 5.9_x86: bash patch.
Date this patch was last updated by Oracle : Sep/26/14
#%NASL_MIN_LEVEL 70300
# @DEPRECATED@
#
# This script has been deprecated by solaris9_x86_149080.nasl.
#
# Disabled on 2014/10/13.
#
#
# (C) Tenable Network Security, Inc.
#
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(77912);
script_version("1.13");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2014-6271", "CVE-2014-7169");
script_bugtraq_id(70103, 70137);
script_xref(name:"CERT", value:"252743");
script_xref(name:"IAVA", value:"2014-A-0142");
script_xref(name:"EDB-ID", value:"34765");
script_xref(name:"EDB-ID", value:"34766");
script_xref(name:"EDB-ID", value:"34777");
script_name(english:"Solaris 9 (x86) : 149080-01");
script_summary(english:"Check for patch 149080-01");
script_set_attribute(attribute:"synopsis", value:"The remote host is missing Oracle Security Patch number 149080-01");
script_set_attribute(attribute:"description", value:
"SunOS 5.9_x86: bash patch.
Date this patch was last updated by Oracle : Sep/26/14");
script_set_attribute(attribute:"see_also", value:"http://seclists.org/oss-sec/2014/q3/650");
# https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?dacf7829");
script_set_attribute(attribute:"see_also", value:"https://www.invisiblethreat.ca/2014/09/cve-2014-6271/");
script_set_attribute(attribute:"see_also", value:"https://blogs.oracle.com/patch/entry/solaris_idrs_available_on_mos");
script_set_attribute(attribute:"see_also", value:"https://getupdates.oracle.com/readme/149080-01");
script_set_attribute(attribute:"solution", value:"You should install this patch for your system to be up-to-date.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Pure-FTPd External Authentication Bash Environment Variable Code Injection');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/24");
script_set_attribute(attribute:"patch_publication_date", value:"2014/09/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/26");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
script_family(english:"Solaris Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev", "Host/Solaris/pkginfo");
exit(0);
}
# Deprecated.
exit(0, "This plugin has been deprecated. Refer to plugin #78113 (solaris9_x86_149080.nasl) instead.");
include("audit.inc");
include("global_settings.inc");
include("solaris.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Solaris/showrev")) audit(AUDIT_OS_NOT, "Solaris 10 or earlier");
if (!get_kb_item("Host/Solaris/pkginfo")) audit(AUDIT_PACKAGE_LIST_MISSING);
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"149080-01", obsoleted_by:"", package:"SUNWbash", version:"11.9.0,REV=2002.03.02.00.30") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"149080-01", obsoleted_by:"", package:"SUNWbashS", version:"11.9.0,REV=2002.03.02.00.30") < 0) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());
else security_hole(0);
exit(0);
}
audit(AUDIT_HOST_NOT, "affected");
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
seclists.org/oss-sec/2014/q3/650
www.nessus.org/u?dacf7829
blogs.oracle.com/patch/entry/solaris_idrs_available_on_mos
getupdates.oracle.com/readme/149080-01
www.invisiblethreat.ca/2014/09/cve-2014-6271/
Related
packetstorm
packetstorm
Gnu Bash 4.3 CGI Scan Remote Command Injection
2014-09-26 00:00:00
Gnu Bash 4.3 CGI REFERER Command Injection
2014-09-26 00:00:00
Pure-FTPd External Authentication Bash Environment Variable Code Injection
2014-10-02 00:00:00
securityvulns
securityvulns
[security bulletin] HPSBGN03117 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution
2014-10-05 00:00:00
threatpost
threatpost
Bash Botnet Exploit Found, Bash Patches Incomplete
2014-09-25 11:41:51
VMware Begins to Patch Bash Issues Across Product Line
2014-10-01 14:43:47
thn
thn
attackerkb
attackerkb
nessus
nessus
Fedora 21 : bash-4.3.25-2.fc21 (2014-11718) (Shellshock)
2014-09-29 00:00:00
GNU Bash Local Environment Variable Handling Command Injection (Mac OS X) (Shellshock)
2014-09-30 00:00:00
Solaris 9 (sparc) : 149079-03
2014-10-09 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: bash-4.2.48-2.fc20
2014-09-26 09:03:00
[SECURITY] Fedora 21 Update: bash-4.3.25-2.fc21
2014-09-27 10:08:26
[SECURITY] Fedora 19 Update: bash-4.2.48-2.fc19
2014-09-26 09:00:48
openvas
openvas
GNU Bash Environment Variable Handling Shell RCE Vulnerability (LSC) - 02
2014-10-08 00:00:00
RedHat Update for bash RHSA-2014:1306-01
2014-09-26 00:00:00
Gentoo Security Advisory GLSA 201409-10
2015-09-29 00:00:00
debian
debian
[SECURITY] [DSA 3035-1] bash security update
2014-09-25 21:18:46
[SECURITY] [DLA 63-1] bash security update
2014-09-25 22:35:21
[SECURITY] [DSA 3035-1] bash security update
2014-09-25 21:18:46
freebsd
freebsd
bash -- remote code execution vulnerability
2014-09-24 00:00:00
debiancve
debiancve
nuclei
nuclei
ShellShock - Remote Code Execution
2020-10-01 18:03:35
ibm
ibm
lenovo
lenovo
GNU Bourne-Again Shell (Bash) 'Shellshock' - Lenovo Support US
2016-11-16 00:00:00
GNU Bourne-Again Shell (Bash) 'Shellshock'
2016-11-16 00:00:00
archlinux
archlinux
bash: Remote code execution
2014-09-26 00:00:00
veracode
veracode
Arbitrary File Overwrite
2019-01-15 09:02:02
Remote Code Execution (RCE)
2019-01-15 09:01:57
cve
cve
osv
osv
bash - security update
2014-09-25 00:00:00
bash - security update
2014-09-26 00:00:00
cloudfoundry
cloudfoundry
CVE-2014-6271 and CVE-2014-7169 - ShellShock | Cloud Foundry
2014-09-25 00:00:00
ubuntucve
ubuntucve
hp
hp
checkpoint_security
checkpoint_security
prion
prion
Design/Logic Flaw
2014-09-24 18:48:00
Design/Logic Flaw
2014-09-25 01:55:00
Design/Logic Flaw
2014-09-27 22:55:00
paloalto
paloalto
Bash Shell remote code execution (CVE-2014-6271, CVE-2014-7169)
2014-09-24 00:00:00
cisa_kev
cisa_kev
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
2022-01-28 00:00:00
myhack58
myhack58
symantec
symantec
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-09-24 00:00:00
mageia
mageia
Updated bash packages fix CVE-2014-7169
2014-09-28 16:17:31
gentoo
gentoo
Bash: Code Injection (Updated fix for GLSA 201409-09)
2014-09-25 00:00:00
ics
ics
Bash Command Injection Vulnerability (Update A)
2018-09-06 12:00:00
arista
arista
Security Advisory 0006
2014-09-29 00:00:00
suse
suse
bash (important)
2014-09-28 12:05:59
bash (important)
2014-09-30 17:05:22
Security update for Containment-Studio (important)
2014-10-14 01:05:00
redhat
redhat
(RHSA-2014:1306) Important: bash security update
2014-09-26 00:00:00
(RHSA-2014:1312) Important: bash Shift_JIS security update
2014-09-26 00:00:00
(RHSA-2014:1311) Important: bash security update
2014-09-26 00:00:00
fortinet
fortinet
Remote Exploit Vulnerability in Bash - (Shellshock)
2014-09-25 00:00:00
nmap
nmap
http-shellshock NSE Script
2015-01-17 03:01:58
centos
centos
bash security update
2014-09-26 02:16:02
amazon
amazon
Important: bash
2014-09-24 22:26:00
cisa
cisa
Oracle Patches Bash Vulnerabilities
2014-10-07 00:00:00
slackware
slackware
[slackware-security] bash
2014-09-25 20:38:49
bash (rebuild for Slackware 13.0 only)
2014-09-25 16:07:03
SSA-2014-0925230703
2014-09-25 23:07:03
oraclelinux
oraclelinux
bash security update
2014-09-25 00:00:00
bash security update
2014-09-25 00:00:00
bash security update
2014-09-25 00:00:00
ubuntu
ubuntu
Bash vulnerability
2014-09-25 00:00:00
Bash vulnerability
2014-09-26 00:00:00
cert
cert
exploitpack
exploitpack
Cisco Unified Communications Manager - Multiple Vulnerabilities
2015-08-18 00:00:00
GNU Bash - Environment Variable Command Injection (Metasploit)
2014-09-25 00:00:00
OpenVPN 2.2.29 - Shellshock Remote Command Injection
2014-10-04 00:00:00
zdt
zdt
Bash Environment Variables Code Injection Exploit
2014-09-25 00:00:00
RedStar 3.0 Server - BEAM & RSSMON Command Execution (Shellshock) Exploit
2016-12-19 00:00:00
Advantech Switch Bash Environment Variable Code Injection Exploit
2015-12-02 00:00:00
saint
saint
Bash environment variable code injection over HTTP
2014-09-26 00:00:00
Bash Environment Variable Handling Shell Command Injection Via CUPS
2014-11-05 00:00:00
ShellShock DHCP Server
2014-11-20 00:00:00
exploitdb
exploitdb
Qmail SMTP 1.03 - Bash Environment Variable Injection
2020-07-08 00:00:00
hackerone
hackerone