Lucene search

K
suseSuseOPENSUSE-SU-2014:1238-1
HistorySep 28, 2014 - 12:09 p.m.

Important security fix for bash that allows the injection of commands. (important)

2014-09-2812:09:20
lists.opensuse.org
49

EPSS

0.974

Percentile

99.9%

This update fixes a bug in the bash shell that allows an attacker to
execute arbitrary commands upon shell invocation if he can control the
shell’s environment. This is particularly dangerous if the shell is used
as a cgi interpreter for a web server, or if the shell handles untrusted
input inherited in the environment from other sources.