Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-7169
Vulnerability from cvelistv5
Published
2014-09-25 01:00
Modified
2025-02-10 19:31
Severity ?
EPSS score ?
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-01-28
Due date: 2022-07-28
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2014-7169
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T12:40:19.217Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { name: "HPSBMU03165", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "HPSBHF03119", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "HPSBST03131", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "SSRT101819", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "HPSBMU03245", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "openSUSE-SU-2014:1229", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "61188", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61188", }, { name: "JVN#55667175", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "61676", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61676", }, { name: "openSUSE-SU-2014:1254", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "60433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60433", }, { name: "HPSBMU03143", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "RHSA-2014:1306", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { name: "HPSBST03155", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "61715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61715", }, { name: "USN-2363-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2363-2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "HPSBST03195", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "61283", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61283", }, { name: "SSRT101711", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "openSUSE-SU-2014:1308", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "61654", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61654", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62312", }, { name: "59272", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59272", }, { name: "HPSBST03122", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "RHSA-2014:1312", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "USN-2363-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2363-1", }, { name: "SSRT101868", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61703", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT6495", }, { name: "VU#252743", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "61065", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61065", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { name: "HPSBST03129", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "JVNDB-2014-000126", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "TA14-268A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "61641", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61641", }, { name: "SUSE-SU-2014:1247", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/node/1200223", }, { name: "SUSE-SU-2014:1287", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "APPLE-SA-2014-10-16-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "MDVSA-2015:164", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "61619", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61619", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "HPSBMU03220", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60325", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "60024", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60024", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "34879", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/34879/", }, { name: "61622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61622", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/articles/1200223", }, { name: "62343", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62343", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { name: "61565", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61565", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.suse.com/support/shellshock/", }, { name: "HPSBST03157", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61313", }, { name: "SSRT101742", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61873", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61873", }, { name: "61485", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61485", }, { name: "openSUSE-SU-2014:1242", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { name: "61618", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61618", }, { name: "60947", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60947", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT6535", }, { name: "HPSBST03154", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61312", }, { name: "60193", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60193", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "61479", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61479", }, { name: "60063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60063", }, { name: "60034", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60034", }, { name: "HPSBMU03133", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "59907", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59907", }, { name: "58200", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61643", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://twitter.com/taviso/statuses/514887394294652929", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61503", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "RHSA-2014:1354", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "HPSBGN03117", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "HPSBHF03145", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBST03148", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "61552", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61552", }, { name: "61780", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61780", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX200223", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "62228", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62228", }, { name: "HPSBGN03138", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "61855", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61855", }, { name: "HPSBHF03124", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "60044", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60044", }, { name: "61291", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61291", }, { name: "HPSBHF03125", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "59737", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59737", }, { name: "61287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101739", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61711", }, { name: "HPSBOV03228", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "HPSBGN03141", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "RHSA-2014:1311", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { name: "61128", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61128", }, { name: "DSA-3035", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3035", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61471", }, { name: "60055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60055", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "61550", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61550", }, { name: "61633", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61633", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "SUSE-SU-2014:1259", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { name: "61328", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61328", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61129", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61129", }, { name: "61700", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61700", }, { name: "61626", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61626", }, { name: "61603", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61603", }, { name: "61857", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61857", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2014-7169", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T19:31:47.209255Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-01-28", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2014-7169", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T19:31:56.166Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-09-24T00:00:00.000Z", descriptions: [ { lang: "en", value: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-05T16:41:42.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { name: "HPSBMU03165", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "HPSBHF03119", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "HPSBST03131", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "SSRT101819", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "HPSBMU03245", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "openSUSE-SU-2014:1229", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "61188", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61188", }, { name: "JVN#55667175", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "61676", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61676", }, { name: "openSUSE-SU-2014:1254", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "60433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60433", }, { name: "HPSBMU03143", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "RHSA-2014:1306", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { name: "HPSBST03155", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "61715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61715", }, { name: "USN-2363-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2363-2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "HPSBST03195", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "61283", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61283", }, { name: "SSRT101711", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "openSUSE-SU-2014:1308", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "61654", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61654", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62312", }, { name: "59272", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59272", }, { name: "HPSBST03122", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "RHSA-2014:1312", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "USN-2363-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2363-1", }, { name: "SSRT101868", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61703", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT6495", }, { name: "VU#252743", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "61065", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61065", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { name: "HPSBST03129", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "JVNDB-2014-000126", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "TA14-268A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "61641", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61641", }, { name: "SUSE-SU-2014:1247", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/node/1200223", }, { name: "SUSE-SU-2014:1287", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "APPLE-SA-2014-10-16-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "MDVSA-2015:164", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "61619", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61619", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "HPSBMU03220", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60325", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "60024", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60024", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "34879", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/34879/", }, { name: "61622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61622", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/articles/1200223", }, { name: "62343", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62343", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { name: "61565", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61565", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.suse.com/support/shellshock/", }, { name: "HPSBST03157", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61313", }, { name: "SSRT101742", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61873", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61873", }, { name: "61485", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61485", }, { name: "openSUSE-SU-2014:1242", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { name: "61618", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61618", }, { name: "60947", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60947", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT6535", }, { name: "HPSBST03154", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61312", }, { name: "60193", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60193", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "61479", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61479", }, { name: "60063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60063", }, { name: "60034", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60034", }, { name: "HPSBMU03133", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { tags: [ "x_refsource_MISC", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "59907", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59907", }, { name: "58200", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61643", }, { tags: [ "x_refsource_MISC", ], url: "http://twitter.com/taviso/statuses/514887394294652929", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61503", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "RHSA-2014:1354", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "HPSBGN03117", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "HPSBHF03145", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBST03148", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "61552", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61552", }, { name: "61780", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61780", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX200223", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "62228", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62228", }, { name: "HPSBGN03138", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "61855", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61855", }, { name: "HPSBHF03124", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "60044", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60044", }, { name: "61291", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61291", }, { name: "HPSBHF03125", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "59737", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59737", }, { name: "61287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101739", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61711", }, { name: "HPSBOV03228", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "HPSBGN03141", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "RHSA-2014:1311", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { name: "61128", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61128", }, { name: "DSA-3035", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3035", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61471", }, { name: "60055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60055", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "61550", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61550", }, { name: "61633", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61633", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "SUSE-SU-2014:1259", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { name: "61328", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61328", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61129", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61129", }, { name: "61700", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61700", }, { name: "61626", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61626", }, { name: "61603", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61603", }, { name: "61857", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61857", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { tags: [ "x_refsource_MISC", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-7169", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { name: "HPSBMU03165", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "HPSBHF03119", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { name: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", refsource: "CONFIRM", url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "HPSBST03131", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "SSRT101819", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "HPSBMU03245", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "openSUSE-SU-2014:1229", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "61188", refsource: "SECUNIA", url: "http://secunia.com/advisories/61188", }, { name: "JVN#55667175", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "61676", refsource: "SECUNIA", url: "http://secunia.com/advisories/61676", }, { name: "openSUSE-SU-2014:1254", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "60433", refsource: "SECUNIA", url: "http://secunia.com/advisories/60433", }, { name: "HPSBMU03143", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "RHSA-2014:1306", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { name: "HPSBST03155", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "61715", refsource: "SECUNIA", url: "http://secunia.com/advisories/61715", }, { name: "USN-2363-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2363-2", }, { name: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", refsource: "SECUNIA", url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", refsource: "SECUNIA", url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "HPSBST03195", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "61283", refsource: "SECUNIA", url: "http://secunia.com/advisories/61283", }, { name: "SSRT101711", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "openSUSE-SU-2014:1308", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "61654", refsource: "SECUNIA", url: "http://secunia.com/advisories/61654", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015701", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", refsource: "SECUNIA", url: "http://secunia.com/advisories/62312", }, { name: "59272", refsource: "SECUNIA", url: "http://secunia.com/advisories/59272", }, { name: "HPSBST03122", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { name: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", refsource: "CONFIRM", url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "RHSA-2014:1312", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "USN-2363-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2363-1", }, { name: "SSRT101868", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", refsource: "SECUNIA", url: "http://secunia.com/advisories/61703", }, { name: "http://support.apple.com/kb/HT6495", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT6495", }, { name: "VU#252743", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "61065", refsource: "SECUNIA", url: "http://secunia.com/advisories/61065", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3075.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { name: "HPSBST03129", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { name: "http://support.novell.com/security/cve/CVE-2014-7169.html", refsource: "CONFIRM", url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "JVNDB-2014-000126", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "TA14-268A", refsource: "CERT", url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "61641", refsource: "SECUNIA", url: "http://secunia.com/advisories/61641", }, { name: "SUSE-SU-2014:1247", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { name: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", refsource: "CONFIRM", url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { name: "https://access.redhat.com/node/1200223", refsource: "CONFIRM", url: "https://access.redhat.com/node/1200223", }, { name: "SUSE-SU-2014:1287", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "APPLE-SA-2014-10-16-1", refsource: "APPLE", url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "MDVSA-2015:164", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "61619", refsource: "SECUNIA", url: "http://secunia.com/advisories/61619", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3078.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "HPSBMU03220", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", refsource: "SECUNIA", url: "http://secunia.com/advisories/60325", }, { name: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", refsource: "CONFIRM", url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "60024", refsource: "SECUNIA", url: "http://secunia.com/advisories/60024", }, { name: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "34879", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/34879/", }, { name: "61622", refsource: "SECUNIA", url: "http://secunia.com/advisories/61622", }, { name: "https://access.redhat.com/articles/1200223", refsource: "CONFIRM", url: "https://access.redhat.com/articles/1200223", }, { name: "62343", refsource: "SECUNIA", url: "http://secunia.com/advisories/62343", }, { name: "http://advisories.mageia.org/MGASA-2014-0393.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { name: "61565", refsource: "SECUNIA", url: "http://secunia.com/advisories/61565", }, { name: "https://www.suse.com/support/shellshock/", refsource: "CONFIRM", url: "https://www.suse.com/support/shellshock/", }, { name: "HPSBST03157", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", refsource: "SECUNIA", url: "http://secunia.com/advisories/61313", }, { name: "SSRT101742", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61873", refsource: "SECUNIA", url: "http://secunia.com/advisories/61873", }, { name: "61485", refsource: "SECUNIA", url: "http://secunia.com/advisories/61485", }, { name: "openSUSE-SU-2014:1242", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { name: "61618", refsource: "SECUNIA", url: "http://secunia.com/advisories/61618", }, { name: "60947", refsource: "SECUNIA", url: "http://secunia.com/advisories/60947", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { name: "https://support.apple.com/kb/HT6535", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT6535", }, { name: "HPSBST03154", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", refsource: "SECUNIA", url: "http://secunia.com/advisories/61312", }, { name: "60193", refsource: "SECUNIA", url: "http://secunia.com/advisories/60193", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "61479", refsource: "SECUNIA", url: "http://secunia.com/advisories/61479", }, { name: "60063", refsource: "SECUNIA", url: "http://secunia.com/advisories/60063", }, { name: "60034", refsource: "SECUNIA", url: "http://secunia.com/advisories/60034", }, { name: "HPSBMU03133", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { name: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", refsource: "MISC", url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "59907", refsource: "SECUNIA", url: "http://secunia.com/advisories/59907", }, { name: "58200", refsource: "SECUNIA", url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", refsource: "SECUNIA", url: "http://secunia.com/advisories/61643", }, { name: "http://twitter.com/taviso/statuses/514887394294652929", refsource: "MISC", url: "http://twitter.com/taviso/statuses/514887394294652929", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015721", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", refsource: "SECUNIA", url: "http://secunia.com/advisories/61503", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "RHSA-2014:1354", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "HPSBGN03117", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "HPSBHF03145", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { name: "http://www.qnap.com/i/en/support/con_show.php?cid=61", refsource: "CONFIRM", url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBST03148", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "61552", refsource: "SECUNIA", url: "http://secunia.com/advisories/61552", }, { name: "61780", refsource: "SECUNIA", url: "http://secunia.com/advisories/61780", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { name: "https://support.citrix.com/article/CTX200223", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX200223", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3077.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "62228", refsource: "SECUNIA", url: "http://secunia.com/advisories/62228", }, { name: "HPSBGN03138", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "61855", refsource: "SECUNIA", url: "http://secunia.com/advisories/61855", }, { name: "HPSBHF03124", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "60044", refsource: "SECUNIA", url: "http://secunia.com/advisories/60044", }, { name: "61291", refsource: "SECUNIA", url: "http://secunia.com/advisories/61291", }, { name: "HPSBHF03125", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "59737", refsource: "SECUNIA", url: "http://secunia.com/advisories/59737", }, { name: "61287", refsource: "SECUNIA", url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101739", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61711", refsource: "SECUNIA", url: "http://secunia.com/advisories/61711", }, { name: "HPSBOV03228", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "HPSBGN03141", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "RHSA-2014:1311", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { name: "61128", refsource: "SECUNIA", url: "http://secunia.com/advisories/61128", }, { name: "DSA-3035", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-3035", }, { name: "https://support.citrix.com/article/CTX200217", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", refsource: "SECUNIA", url: "http://secunia.com/advisories/61471", }, { name: "60055", refsource: "SECUNIA", url: "http://secunia.com/advisories/60055", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "61550", refsource: "SECUNIA", url: "http://secunia.com/advisories/61550", }, { name: "61633", refsource: "SECUNIA", url: "http://secunia.com/advisories/61633", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { name: "http://linux.oracle.com/errata/ELSA-2014-1306.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA82", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "SUSE-SU-2014:1259", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { name: "61328", refsource: "SECUNIA", url: "http://secunia.com/advisories/61328", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61129", refsource: "SECUNIA", url: "http://secunia.com/advisories/61129", }, { name: "61700", refsource: "SECUNIA", url: "http://secunia.com/advisories/61700", }, { name: "61626", refsource: "SECUNIA", url: "http://secunia.com/advisories/61626", }, { name: "61603", refsource: "SECUNIA", url: "http://secunia.com/advisories/61603", }, { name: "61857", refsource: "SECUNIA", url: "http://secunia.com/advisories/61857", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", refsource: "MISC", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-7169", datePublished: "2014-09-25T01:00:00.000Z", dateReserved: "2014-09-24T00:00:00.000Z", dateUpdated: "2025-02-10T19:31:56.166Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { cisa_known_exploited: { cveID: "CVE-2014-7169", cwes: "[\"CWE-78\"]", dateAdded: "2022-01-28", dueDate: "2022-07-28", knownRansomwareCampaignUse: "Unknown", notes: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", product: "Bourne-Again Shell (Bash)", requiredAction: "Apply updates per vendor instructions.", shortDescription: "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.", vendorProject: "GNU", vulnerabilityName: "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability", }, nvd: "{\"cve\":{\"id\":\"CVE-2014-7169\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-09-25T01:55:04.367\",\"lastModified\":\"2025-02-10T20:15:37.017\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.\"},{\"lang\":\"es\",\"value\":\"GNU Bash hasta 4.3 bash43-025 procesa cadenas finales después de la definición malformada de funciones en los valores de variables de entorno, lo que permite a atacantes remotos escribir hacia ficheros o posiblemente tener otro impacto desconocido a través de un entorno manipulado, tal y como se ha demostrado por vectores que involucran la característica ForceCommand en sshd OpenSSH, los módulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en la cual establecer el entorno ocurre a través de un límite privilegiado de la ejecución de Bash. Nota: Esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-6271.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-01-28\",\"cisaActionDue\":\"2022-07-28\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.3\",\"matchCriteriaId\":\"F4DBE402-1B0A-4854-ABE5-891321454C25\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.9.0\",\"versionEndExcluding\":\"4.9.12\",\"matchCriteriaId\":\"DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10.0\",\"versionEndExcluding\":\"4.10.9\",\"matchCriteriaId\":\"9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.11.0\",\"versionEndExcluding\":\"4.11.11\",\"matchCriteriaId\":\"9056776F-03F6-4C3D-8635-37D66FD16EAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.12.0\",\"versionEndExcluding\":\"4.12.9\",\"matchCriteriaId\":\"AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.13.0\",\"versionEndExcluding\":\"4.13.9\",\"matchCriteriaId\":\"8296875A-64FA-4592-848A-A923126BD8AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.14.0\",\"versionEndExcluding\":\"4.14.4f\",\"matchCriteriaId\":\"816A16AF-1F5E-483A-AA89-3022818FAE43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8421899-5D10-4C2B-88AA-3DA909FE3E67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"62A2AC02-A933-4E51-810E-5D040B476B7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7B037A8-72A6-4DFF-94B2-D688A5F6F876\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.1\",\"matchCriteriaId\":\"BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F407EA72-BA1A-41A2-B699-874304A638A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDA25903-B334-438B-8196-B9E5119199D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76F1E356-E019-47E8-AA5F-702DA93CF74E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F805A106-9A6F-48E7-8582-D3C5A26DFC11\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC489F35-07F1-4C3E-80B9-78F0689BC54B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95CE35FC-266F-4025-A0B8-FB853C020800\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6172AF57-B26D-45F8-BE3A-F75ABDF28F49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D8B549B-E57B-4DFE-8A13-CAB06B5356B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"133AAFA7-AF42-4D7B-8822-AA2E85611BF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6252E88C-27FF-420D-A64A-C34124CF7E6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A8E07B7-3739-4BEB-88F8-C7F62431E889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"569964DA-31BE-4520-A66D-C3B09D557AB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"807C024A-F8E8-4B48-A349-4C68CD252CA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F96E3779-F56A-45FF-BB3D-4980527D721E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BF3C7A5-9117-42C7-BEA1-4AA378A582EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83737173-E12E-4641-BC49-0BD84A6B29D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"804DFF9F-BAA8-4239-835B-6182471A224F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EE496C0-35F7-44DC-B3F0-71EA3A613C38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71179893-49F2-433C-A7AC-687075F9CC1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D4C43D8-02A5-4385-A89E-F265FEEC9E9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37ECC029-3D84-4DD7-B28B-E5AD5559CF94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CBED2A-B6B0-420E-BC40-160930D8662E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29BBF1AC-F31F-4251-8054-0D89A8E6E990\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C52A4A2F-6385-4E5F-B2C7-0EF7267546F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D8D654F-2442-4EA0-AF89-6AC2CD214772\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8ED0658-5F8F-48F0-A605-A2205DA27DA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BCF87FD-9358-42A5-9917-25DF0180A5A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C385DA76-4863-4D39-84D2-9D185D322365\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"188019BF-3700-4B3F-BFA5-553B2B545B7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B8B2E32-B838-4E51-BAA2-764089D2A684\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4319B943-7B19-468D-A160-5895F7F997A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8036E2AE-4E44-4FA5-AFFB-A3724BFDD654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"634C23AC-AC9C-43F4-BED8-1C720816D5E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37CE1DC7-72C5-483C-8921-0B462C8284D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54D669D4-6D7E-449D-80C1-28FA44F06FFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB6ADFB8-210D-4E46-82A2-1C8705928382\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92C9F1C4-55B0-426D-BB5E-01372C23AF97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD6D0378-F0F4-4AAA-80AF-8287C790EC96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF83BB87-B203-48F9-9D06-48A5FE399050\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98381E61-F082-4302-B51F-5648884F998B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99A687E-EAE6-417E-A88E-D0082BC194CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7431ABC1-9252-419E-8CC1-311B41360078\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8821E5FE-319D-40AB-A515-D56C1893E6F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AE981D4-0CA1-46FA-8E91-E1A4D5B31383\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"835AE071-CEAE-49E5-8F0C-E5F50FB85EFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17F256A9-D3B9-4C72-B013-4EFD878BFEA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0AC5CD5-6E58-433C-9EB3-6DFE5656463E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74BCA435-7594-49E8-9BAE-9E02E129B6C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFBF430B-0832-44B0-AA0E-BA9E467F7668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10BC294-9196-425F-9FB0-B1625465B47F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03117DF1-3BEC-4B8D-AD63-DBBDB2126081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ED68ADD-BBDA-4485-BC76-58F011D72311\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"CED02712-1031-4206-AC4D-E68710F46EC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"35BBD83D-BDC7-4678-BE94-639F59281139\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"CB6476C7-03F2-4939-AB85-69AA524516D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*\",\"matchCriteriaId\":\"E534C201-BCC5-473C-AAA7-AAB97CEB5437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"2470C6E8-2024-4CF5-9982-CFF50E88EAE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"15FC9014-BD85-4382-9D04-C0703E901D7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F7F8866-DEAD-44D1-AB10-21EE611AA026\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1831D45A-EE6E-4220-8F8C-248B69520948\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94C9C346-6DEC-4C72-9F59-BB3BEC42B551\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2071DABB-7102-47F2-A15F-A6C03607D01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8661E86-E075-427F-8E05-7A33811A3A76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0.0\",\"versionEndIncluding\":\"1.0.0.4\",\"matchCriteriaId\":\"BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0.0\",\"versionEndIncluding\":\"1.1.0.4\",\"matchCriteriaId\":\"054736AF-96E0-491D-B824-CC4A35B76E14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"575894EE-F13C-4D56-8B63-59A379F63BD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E476AEB-AD38-4033-8426-DC502497D75A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C062C89-5DC2-46EE-A9D3-23E7539A5DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*\",\"matchCriteriaId\":\"20981443-6A64-4852-B2CB-3299927C6F78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*\",\"matchCriteriaId\":\"59761BB8-FCC7-4D15-88A8-82076CCF196F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF399B2E-8413-4B80-A0C0-E61E8A0A8604\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"230EBA53-66AF-432B-B4C1-08D8FC903B2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"789F398A-5CB2-48F8-AF8F-05BF0A8E04B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF102659-B067-473E-AA37-EA90A82D1864\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"81DF915D-D764-4C21-B213-0ADFD844E9DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C29A4119-A992-4713-85D6-4FDED7CD416A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"F03006B7-037B-491F-A09F-DEB2FF076754\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE78AED4-AD60-406C-82E0-BA52701B49BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D0B71F0-CCED-4E23-989A-3E9E2D71307C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CF8FC22-C556-451C-B928-F5AF8DF4BF45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"081D3B14-45F6-4F96-944B-94D967FEFA26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE2C36B5-43F8-401B-B420-1FA5F13A4D6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D922DC5A-63F6-4188-BCDE-BB987402E47E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2BCC22C-A32B-4945-AFBC-777DBE248FB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F92890-63B0-4918-A147-8852B6E2FA8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8016ECD3-4417-47A8-9493-C9F9EDF5FAA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED0B143A-5386-4375-AEB2-48619B2B1EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7ECA734-9E95-484F-B880-2491A0E2531B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D7CD9E9-033C-44B8-A68C-47AC260873E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B660DC-A94F-48F0-A2F4-1C39CC4751A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"329C8551-98D1-4255-B598-9E75A071C186\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD0687B7-F374-4368-AD9E-041123B23A6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0330E77-454E-4E77-9628-50681B748491\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3863726E-15AD-4A47-85CB-0C9965E76EF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1F35447-889F-4CE9-9473-87046B4707EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3A5DFC0-BBD7-430C-A026-E1F34E08894D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"141E8F6A-3998-4F22-A717-3F52BC998F97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F09AA197-BB55-4CF0-AC29-4449C07DE510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E468E33-B183-4830-97E2-EAF9FD3758E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"738C8F2B-3D3E-4E1F-977A-05D3A39F115D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ED03E83-909B-423F-81F2-34AB7F24BBE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9778E8AA-A034-4B04-A42E-6A182378C7DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEE15598-4064-4E31-86BA-7851AA4B76C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"59FE3789-FB47-4939-B9AA-86D203445526\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F96389A-82B9-42DE-8E93-D2B2EE610F7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"3131CDA5-1C4D-489C-8788-FA396F8ADB2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC7DF3E-658C-41D7-A4AC-433440A02092\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6870C1E-E4A4-4666-89DB-D72C8100D27E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE183CA0-FFBB-4746-8BBE-5D1910DD2100\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D04B5EBF-C94C-4A44-9A7E-75623CAF832C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"5723FDF4-198B-488E-B075-F528EC6E4D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E23A972-5BCA-4C7E-B6F9-AD54992861A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFE4D0FF-6445-4E14-9536-ADB32662B346\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AC763FD-C143-4CA3-9A24-D50C9ED243D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"299C6CBE-905F-4E59-AF2F-89A1CD767916\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"78538461-1B7E-4712-AA8D-D2EA3477635B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3FF46F1-EF19-49D7-9EDD-44441C1A3F94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5725106C-A650-4C24-9636-1200BD44CCA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1501425-96F7-487B-9588-FDA2DAC3790A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"48D95998-9434-4AFF-9983-0D7AC34176A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D60BB309-860D-4D74-B08F-F94AFE84C881\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F63E864E-6323-41B4-956F-51F9364DFAE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC724282-7431-465E-8E60-4037121B8838\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"73151221-C102-4425-9316-1EE4CAAB6531\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1E9DDCD-6D22-4175-94EF-D8A5457E7355\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"35AB906F-43CD-4D54-8274-1FD551532E58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ADC75F0-B27E-4B15-B829-482FBA0063A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"D015D670-8AEA-49A3-8D22-9E3009322EB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*\",\"matchCriteriaId\":\"28CE650B-BE03-4EDF-BE27-2FA6657F7A52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2356A4E6-561B-40CA-8348-B30D581B1E46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"74509F3F-840E-48B8-88B1-EA4FFB90ACC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE7BD528-628F-4CA9-9FE8-8A79BDC97680\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"26118C2B-78CC-4038-9DEA-7A9417029790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F445D93-D482-4A74-810D-66D78CBCAFED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C9F200C-ECC9-4D51-AFE7-E99C16D09148\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"56B87CB5-0F77-4040-BB58-9DBF5723A4FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4B3321B-11AD-43EB-867C-FA4FA6A5421E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFB104CA-55CD-4B9E-A2F7-CC06E57663CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4975223D-9E31-4CEC-A4B6-C0996828B855\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C15C820B-4778-4B8F-8BD8-E996F1D4062D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A42E70EE-2E23-4D92-ADE0-9177B9EDD430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01C91446-4A36-4FCE-A973-3E6F813FABC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"58281E62-E350-4B0D-9322-8BA1E1773CB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF1A152E-5795-4319-BD4D-855DE19C744C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"438FCE7F-035A-4D89-96FE-EE5278C85493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"80900F2C-7CFA-4C40-A6B5-51E12C3DA187\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE9A060-1D4D-46E5-A34F-CC4CFA260D94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F900E6-AE47-4789-A337-70C6BEF22895\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD2E5054-2151-414D-A88F-6697FF280D41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB09361-372E-4F51-B255-C7D2DB41969F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A36D6991-3728-4F60-A443-37652DFAA053\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"4142CC4E-9F0D-4017-8D17-D59FBCEB36F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"63C0F7CA-5F3C-41D4-AAD6-084643115D85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"81C388DC-0941-4D08-8C1C-BD43D9B0DC8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"45CD14D8-665A-46C5-8387-33FF266822A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"D510329D-B39E-4E2B-AAEC-1FDA7869C9E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*\",\"matchCriteriaId\":\"4640FE06-4D22-442E-A0E0-76EEFAF6ECB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A846C69-CA94-4F5E-9E02-69EA6680549E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF14DD4F-6779-4B17-AB1B-D4DE58E7E231\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AAEE176-631A-41B9-BC40-93F866DA9D5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"9388D932-9818-4A68-9543-B0643166DB2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"770A9287-C910-4690-9402-0C0B7BAC8912\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B503F1F7-F439-420D-B465-9A51CCECAB06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27948B08-C452-41FB-B41F-6ADB3AAE087E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D7F2743-71BB-4011-B919-7E8032B6B72F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*\",\"versionEndExcluding\":\"1.2.1\",\"matchCriteriaId\":\"3738FAC6-B90B-4014-9E86-17ED6D19D23D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*\",\"versionEndExcluding\":\"1.2.1\",\"matchCriteriaId\":\"35B6634E-4F09-423C-87E7-59D4127CC023\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*\",\"versionEndExcluding\":\"1.2.1\",\"matchCriteriaId\":\"0A7A7100-A1DA-4191-A4C1-D930829A3DC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83739ED7-37F1-4712-8C81-E56F58790240\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.0\",\"versionEndIncluding\":\"3.1.0.7\",\"matchCriteriaId\":\"1CDD227E-1F98-4F73-BB65-3820F39127F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA4B8E11-83D3-4B38-90B6-4C0F536D06B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"250AF7A4-8DDF-427C-8BF7-788667908D77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22433CE0-9772-48CE-8069-612FF3732C21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2569AA28-5C61-4BBD-A501-E1ACFA36837B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AB188A2-D7CE-4141-A55A-C074C84E366E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE776097-1DA4-4F27-8E96-61E3D9FFE8D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4E5283-0FEE-4F37-9C41-FA695063FF79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73EB6121-62CD-49FC-A1D2-5467B007253C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97E19969-DD73-42F2-9E91-504E1663B268\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9CC2E05-5179-4241-A710-E582510EEB0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0.0\",\"versionEndExcluding\":\"1.4.3.5\",\"matchCriteriaId\":\"3CB18F38-AC6A-406A-A4DD-40688B803744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.5.0.0\",\"versionEndExcluding\":\"1.5.0.4\",\"matchCriteriaId\":\"DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0.0\",\"versionEndExcluding\":\"7.2.0.9\",\"matchCriteriaId\":\"A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.0.0\",\"versionEndExcluding\":\"7.3.0.7\",\"matchCriteriaId\":\"1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA2ED020-4C7B-4303-ABE6-74D46D127556\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0.0\",\"versionEndExcluding\":\"7.1.0.11\",\"matchCriteriaId\":\"47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0.0\",\"versionEndExcluding\":\"7.2.0.9\",\"matchCriteriaId\":\"33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.0.0\",\"versionEndExcluding\":\"7.3.0.7\",\"matchCriteriaId\":\"9C4EF774-BD92-444D-9583-25DB97CDA4F3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0.0\",\"versionEndExcluding\":\"7.1.0.11\",\"matchCriteriaId\":\"8753BBDB-A858-4A51-A8FD-8DF8DF2734A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0.0\",\"versionEndExcluding\":\"7.2.0.9\",\"matchCriteriaId\":\"0FB9850A-3308-4277-A68C-AD418612101E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.0.0\",\"versionEndExcluding\":\"7.3.0.7\",\"matchCriteriaId\":\"C84D7A48-6745-49D3-AE52-31DD7EEC0D61\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49318A1D-49F6-4CA7-AE31-0EB4B3790CBB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0.0\",\"versionEndExcluding\":\"7.1.0.11\",\"matchCriteriaId\":\"4A1A3A3E-5636-4422-9B7B-B3D97989E674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0.0\",\"versionEndExcluding\":\"7.2.0.9\",\"matchCriteriaId\":\"7384B993-049F-48D7-86D6-FE221C783245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.0.0\",\"versionEndExcluding\":\"7.3.0.7\",\"matchCriteriaId\":\"B1DF6129-9CEA-4812-800F-A6FD5095D60E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7352FACE-C8D0-49A7-A2D7-B755599F0FB3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0.0\",\"versionEndExcluding\":\"7.1.0.11\",\"matchCriteriaId\":\"79788A89-4152-4B4B-BFF0-518D90EE4D2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0.0\",\"versionEndExcluding\":\"7.2.0.9\",\"matchCriteriaId\":\"680738C5-63D5-4F60-9610-FD0D87FCBBCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.0.0\",\"versionEndExcluding\":\"7.3.0.7\",\"matchCriteriaId\":\"872E2102-6BE6-42B6-93B0-942B7DABCBDA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DACA26CF-7C3F-4215-B032-ED9C5EFD57D8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0.0\",\"versionEndExcluding\":\"7.1.0.11\",\"matchCriteriaId\":\"E6E31991-DF33-4F00-8430-7B626E8174CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0.0\",\"versionEndExcluding\":\"7.2.0.9\",\"matchCriteriaId\":\"B2E25BB0-6F5A-4A7B-9147-D4E17014C747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.3.0.0\",\"versionEndExcluding\":\"7.3.0.7\",\"matchCriteriaId\":\"B80C1675-4948-45DC-B593-EDB1354E42F3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5D84487-CEBA-48A0-9B15-A0300D992E3D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.8.0.0\",\"versionEndExcluding\":\"3.8.0.07\",\"matchCriteriaId\":\"1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.9.1.0\",\"versionEndExcluding\":\"3.9.1.08\",\"matchCriteriaId\":\"BDEC166F-A967-4616-B9EF-503054EFD197\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.1.2.0\",\"versionEndExcluding\":\"4.1.2.06\",\"matchCriteriaId\":\"713E71BC-16F5-41E3-9816-74D5E8D8C9A9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D2487E0-046C-476F-BFF4-EF77D9E856D8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.8.0.0\",\"versionEndExcluding\":\"3.8.0.07\",\"matchCriteriaId\":\"0287F3CD-2151-491D-8BC3-6D3921BE8FFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.9.1.0\",\"versionEndExcluding\":\"3.9.1.08\",\"matchCriteriaId\":\"C4179899-87B4-42C3-8245-9A34EC04F6A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.1.2.0\",\"versionEndExcluding\":\"4.1.2.06\",\"matchCriteriaId\":\"B8CED766-9742-4037-8005-F0BDDE9176DD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C41EEAEC-08AE-4478-8977-5A4D7B48C175\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.8.0.0\",\"versionEndExcluding\":\"3.8.0.07\",\"matchCriteriaId\":\"298C961D-5E5F-4277-B192-A4C29243BECC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.9.1.0\",\"versionEndExcluding\":\"3.9.1.08\",\"matchCriteriaId\":\"E5A76C40-BA90-4FBD-8DFF-4AF8F952963A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.1.2.0\",\"versionEndExcluding\":\"4.1.2.06\",\"matchCriteriaId\":\"B0663FBC-01C0-4AD8-A0B8-6097E537D352\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE145DE3-3C9B-4949-B6D4-9B259372CCE0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"01EDA41C-6B2E-49AF-B503-EB3882265C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ABC25E5-76CD-469B-879A-B1F7109D0181\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98942F6C-330F-459A-B2B4-72572DB4070E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C0BAB94-6521-4B57-9E56-A57BA5E20C24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A7788E5-93B9-4149-8823-2ACBA5CF17E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*\",\"matchCriteriaId\":\"B41B4ECD-6F30-46F5-A559-1CEFC7964873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*\",\"matchCriteriaId\":\"D42ADCD9-1455-401C-B94F-D367A78A2B97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"r77.30\",\"matchCriteriaId\":\"2853A787-E5F1-4455-9482-7C538B80556C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndIncluding\":\"10.2.4\",\"matchCriteriaId\":\"79618AB4-7A8E-4488-8608-57EC2F8681FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"8E910D60-1145-4229-9890-80D2D67C3845\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFA77C6B-72DB-4D57-87CF-11F2C7EDB828\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.3.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"48BBEF73-E87D-467F-85EB-47BE212DF0E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B276E4DF-69FC-4158-B93A-781A45605034\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"EE23220D-E364-41B7-A440-43B3AA4A716A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.4.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"C483253F-841E-4D4E-9B4A-932E9D07268B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5B40837-EC2B-41FB-ACC3-806054EAF28C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndIncluding\":\"10.2.4\",\"matchCriteriaId\":\"667D3780-3949-41AC-83DE-5BCB8B36C382\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"4F0E7766-BDB4-42AB-B6CC-6B4E86A10038\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"475F0EF8-42CB-4099-9C4A-390F946C4924\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndIncluding\":\"10.2.4\",\"matchCriteriaId\":\"A8347412-DC42-4B86-BF6E-A44A5E1541ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"C8942D9D-8E3A-4876-8E93-ED8D201FF546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndIncluding\":\"10.2.4\",\"matchCriteriaId\":\"7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"06BA93C0-A7AE-4A8E-BD74-08149A204463\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7D7863D-B064-4D7A-A66B-C3D3523425FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndIncluding\":\"10.2.4\",\"matchCriteriaId\":\"1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CDEC701-DAB3-4D92-AA67-B886E6693E46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndIncluding\":\"10.2.4\",\"matchCriteriaId\":\"289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"C6D61BF2-69D8-4AD2-85CD-D87F640A6888\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FF5A5F6-4BA3-4276-8679-B5560EACF2E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.3.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"E9A06D61-E6CB-4A8A-B06D-9FEA1812C167\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndIncluding\":\"10.2.4\",\"matchCriteriaId\":\"2C0B4C01-C71E-4E35-B63A-68395984E033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.4.1\",\"matchCriteriaId\":\"9828CBA5-BB72-46E2-987D-633A5B3E2AFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndIncluding\":\"10.2.4\",\"matchCriteriaId\":\"BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"68BC025A-D45E-45FB-A4E4-1C89320B5BBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndIncluding\":\"10.2.4\",\"matchCriteriaId\":\"AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"7C75978B-566B-4353-8716-099CB8790EE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.4.0\",\"matchCriteriaId\":\"BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndIncluding\":\"4.4.0\",\"matchCriteriaId\":\"0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.4.0\",\"matchCriteriaId\":\"3AEB1FC5-1179-4DE9-99A2-D650167A7A60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.1.0\",\"versionEndIncluding\":\"2.3.0\",\"matchCriteriaId\":\"0ADD1B04-9F78-40B3-8314-6935277073B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndIncluding\":\"3.1.1\",\"matchCriteriaId\":\"482E630B-93A1-4B9B-8273-821C116ADC4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.0.5\",\"matchCriteriaId\":\"1343FBDC-4BF0-403B-B257-96672F092263\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C138527-73D3-4AEE-BFAB-1D240A585A0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F2EB3D6-EF4C-4241-A31E-3990664004A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D1168D2-93D5-4415-A666-B4BE0B2AC201\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndIncluding\":\"6.4.0\",\"matchCriteriaId\":\"48A2FBA9-207F-4F16-932D-BF0BA3440503\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C6AC80F-9D91-468D-BEE3-6A0759723673\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.3.67.5r1\",\"matchCriteriaId\":\"FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10\",\"versionEndExcluding\":\"10.1.129.11r1\",\"matchCriteriaId\":\"665EF643-3CDC-4518-9693-0D49F0870283\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.5\",\"versionEndExcluding\":\"10.5.52.11r1\",\"matchCriteriaId\":\"BAE3CC45-49E5-40DE-B5C3-52A754A9C599\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8968E39A-1E16-4B7F-A16A-190EBC20D04F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.10.0\",\"matchCriteriaId\":\"864B5480-704F-4636-A938-7D95AD4223AD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35D34345-0AD1-499C-9A74-982B2D3F305A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DF3F07E-6F4E-4B97-B313-7DA3E8A88451\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C98B0EA-7A52-4BDF-90C2-38797FC2B75A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FECF06B5-3915-48F0-A140-41C7A27EE99D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBD8B161-0A07-492F-89E4-7A0BD02F6464\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"29DF8DD7-B5CC-4152-A726-1D48459068D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC337BB7-9A45-4406-A783-851F279130EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C\"}]}]}],\"references\":[{\"url\":\"http://advisories.mageia.org/MGASA-2014-0393.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://jvn.jp/en/jp/JVN55667175/index.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-1306.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-3075.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-3077.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-3078.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141216207813411&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141216668515282&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141235957116749&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141319209015420&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141330425327438&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141330468527613&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141345648114150&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383026420882&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383081521087&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383138121313&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383196021590&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383244821813&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383304022067&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383353622268&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383465822787&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141450491804793&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141576728022234&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141577137423233&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141577241923505&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141577297623641&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141585637922673&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141694386919794&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142113462216480&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142113462216480&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142113462216480&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142113462216480&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142358078406056&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142805027510172&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1306.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1311.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1312.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1354.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2014/Oct/0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/58200\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/59272\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/59737\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/59907\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60024\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60034\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60044\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60055\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60063\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60193\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60325\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60433\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60947\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61065\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61128\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61129\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61188\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61283\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61287\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61291\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61312\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61313\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61328\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61442\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61471\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61479\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61485\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61503\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61550\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61552\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61565\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61603\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61618\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61619\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61622\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61626\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61633\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61641\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61643\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61654\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61676\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61700\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61703\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61711\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61715\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61780\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61816\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61855\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61857\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61873\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/62228\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/62312\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/62343\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.apple.com/kb/HT6495\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.novell.com/security/cve/CVE-2014-7169.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://twitter.com/taviso/statuses/514887394294652929\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685541\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685604\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685733\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685749\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685914\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686084\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686131\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686246\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686445\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686447\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686479\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686494\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21687079\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2014/dsa-3035\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/252743\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:164\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.novell.com/support/kb/doc.php?id=7015701\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.novell.com/support/kb/doc.php?id=7015721\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/09/24/32\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.qnap.com/i/en/support/con_show.php?cid=61\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/533593/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2363-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2363-2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/ncas/alerts/TA14-268A\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2014-0010.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/articles/1200223\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/node/1200223\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://kb.bluecoat.com/index?page=content&id=SA82\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content&id=SB10085\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://support.apple.com/kb/HT6535\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.citrix.com/article/CTX200217\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.citrix.com/article/CTX200223\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/34879/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.suse.com/support/shellshock/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://advisories.mageia.org/MGASA-2014-0393.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://jvn.jp/en/jp/JVN55667175/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-1306.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-3075.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-3077.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-3078.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141216207813411&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141216668515282&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141235957116749&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141319209015420&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141330425327438&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141330468527613&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141345648114150&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383026420882&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383081521087&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383138121313&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383196021590&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383244821813&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383304022067&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383353622268&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141383465822787&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141450491804793&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141576728022234&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141577137423233&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141577241923505&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141577297623641&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141585637922673&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141694386919794&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142113462216480&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142113462216480&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142113462216480&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142113462216480&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142358078406056&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=142805027510172&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1306.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1311.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1312.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-1354.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2014/Oct/0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/58200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/59272\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/59737\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/59907\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60024\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60034\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60044\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60063\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60193\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60325\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60433\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/60947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61065\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61128\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61129\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61283\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61287\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61313\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61328\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61442\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61471\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61485\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61503\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61550\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61552\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61565\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61603\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61618\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61619\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61622\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61626\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61633\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61641\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61643\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61654\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61676\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61700\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61711\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61715\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61780\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61855\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61857\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/61873\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/62228\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/62312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/62343\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.apple.com/kb/HT6495\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.novell.com/security/cve/CVE-2014-7169.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://twitter.com/taviso/statuses/514887394294652929\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685541\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685604\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685733\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685749\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685914\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686131\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686246\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686445\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686447\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686494\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21687079\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2014/dsa-3035\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/252743\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:164\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.novell.com/support/kb/doc.php?id=7015701\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.novell.com/support/kb/doc.php?id=7015721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/09/24/32\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.qnap.com/i/en/support/con_show.php?cid=61\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/533593/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2363-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2363-2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/ncas/alerts/TA14-268A\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2014-0010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/articles/1200223\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/node/1200223\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://kb.bluecoat.com/index?page=content&id=SA82\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content&id=SB10085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://support.apple.com/kb/HT6535\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.citrix.com/article/CTX200217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.citrix.com/article/CTX200223\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/34879/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.suse.com/support/shellshock/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685749\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/09/24/32\", \"name\": \"[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141577137423233&w=2\", \"name\": \"HPSBMU03165\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141216668515282&w=2\", \"name\": \"HPSBHF03119\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383138121313&w=2\", \"name\": \"HPSBST03131\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142721162228379&w=2\", \"name\": \"SSRT101819\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/533593/100/0/threaded\", \"name\": \"20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142358026505815&w=2\", \"name\": \"HPSBMU03245\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html\", \"name\": \"openSUSE-SU-2014:1229\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686084\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686479\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61188\", \"name\": \"61188\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://jvn.jp/en/jp/JVN55667175/index.html\", \"name\": \"JVN#55667175\", \"tags\": [\"third-party-advisory\", \"x_refsource_JVN\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61676\", \"name\": \"61676\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html\", \"name\": \"openSUSE-SU-2014:1254\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/60433\", \"name\": \"60433\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383026420882&w=2\", \"name\": \"HPSBMU03143\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141585637922673&w=2\", \"name\": \"HPSBMU03182\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1306.html\", \"name\": \"RHSA-2014:1306\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141576728022234&w=2\", \"name\": \"HPSBST03155\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685541\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61715\", \"name\": \"61715\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2363-2\", \"name\": \"USN-2363-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61816\", \"name\": \"61816\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html\", \"name\": \"openSUSE-SU-2014:1310\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61442\", \"name\": \"61442\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142358078406056&w=2\", \"name\": \"HPSBMU03246\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142805027510172&w=2\", \"name\": \"HPSBST03195\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61283\", \"name\": \"61283\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142113462216480&w=2\", \"name\": \"SSRT101711\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content&id=SB10085\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html\", \"name\": \"openSUSE-SU-2014:1308\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61654\", \"name\": \"61654\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.novell.com/support/kb/doc.php?id=7015701\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/62312\", \"name\": \"62312\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/59272\", \"name\": \"59272\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141319209015420&w=2\", \"name\": \"HPSBST03122\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141879528318582&w=2\", \"name\": \"HPSBMU03217\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1312.html\", \"name\": \"RHSA-2014:1312\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685604\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2363-1\", \"name\": \"USN-2363-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142118135300698&w=2\", \"name\": \"SSRT101868\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61703\", \"name\": \"61703\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://support.apple.com/kb/HT6495\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/252743\", \"name\": \"VU#252743\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61065\", \"name\": \"61065\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-3075.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383196021590&w=2\", \"name\": \"HPSBST03129\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383081521087&w=2\", \"name\": \"HPSBMU03144\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686445\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://support.novell.com/security/cve/CVE-2014-7169.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686131\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126\", \"name\": \"JVNDB-2014-000126\", \"tags\": [\"third-party-advisory\", \"x_refsource_JVNDB\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141879528318582&w=2\", \"name\": \"SSRT101827\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/ncas/alerts/TA14-268A\", \"name\": \"TA14-268A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61641\", \"name\": \"61641\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html\", \"name\": \"SUSE-SU-2014:1247\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/node/1200223\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html\", \"name\": \"SUSE-SU-2014:1287\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html\", \"name\": \"APPLE-SA-2014-10-16-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685914\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2014/Oct/0\", \"name\": \"20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\", \"x_transferred\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2015:164\", \"name\": \"MDVSA-2015:164\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61619\", \"name\": \"61619\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-3078.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142721162228379&w=2\", \"name\": \"HPSBMU03220\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/60325\", \"name\": \"60325\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/60024\", \"name\": \"60024\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/34879/\", \"name\": \"34879\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61622\", \"name\": \"61622\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/articles/1200223\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/62343\", \"name\": \"62343\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://advisories.mageia.org/MGASA-2014-0393.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61565\", \"name\": \"61565\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://www.suse.com/support/shellshock/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141450491804793&w=2\", \"name\": \"HPSBST03157\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61313\", \"name\": \"61313\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142358026505815&w=2\", \"name\": \"SSRT101742\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61873\", \"name\": \"61873\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61485\", \"name\": \"61485\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html\", \"name\": \"openSUSE-SU-2014:1242\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61618\", \"name\": \"61618\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/60947\", \"name\": \"60947\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT6535\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141577297623641&w=2\", \"name\": \"HPSBST03154\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383244821813&w=2\", \"name\": \"HPSBGN03142\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61312\", \"name\": \"61312\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/60193\", \"name\": \"60193\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2014-0010.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61479\", \"name\": \"61479\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/60063\", \"name\": \"60063\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/60034\", \"name\": \"60034\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141330425327438&w=2\", \"name\": \"HPSBMU03133\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/59907\", \"name\": \"59907\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/58200\", \"name\": \"58200\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141577241923505&w=2\", \"name\": \"HPSBST03181\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61643\", \"name\": \"61643\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://twitter.com/taviso/statuses/514887394294652929\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.novell.com/support/kb/doc.php?id=7015721\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21687079\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61503\", \"name\": \"61503\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686246\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1354.html\", \"name\": \"RHSA-2014:1354\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141216207813411&w=2\", \"name\": \"HPSBGN03117\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383465822787&w=2\", \"name\": \"HPSBHF03145\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.qnap.com/i/en/support/con_show.php?cid=61\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141694386919794&w=2\", \"name\": \"HPSBST03148\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61552\", \"name\": \"61552\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61780\", \"name\": \"61780\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.citrix.com/article/CTX200223\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-3077.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686447\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/62228\", \"name\": \"62228\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141330468527613&w=2\", \"name\": \"HPSBGN03138\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61855\", \"name\": \"61855\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141235957116749&w=2\", \"name\": \"HPSBHF03124\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/60044\", \"name\": \"60044\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61291\", \"name\": \"61291\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141345648114150&w=2\", \"name\": \"HPSBHF03125\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/59737\", \"name\": \"59737\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61287\", \"name\": \"61287\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383353622268&w=2\", \"name\": \"HPSBHF03146\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142118135300698&w=2\", \"name\": \"HPSBGN03233\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142118135300698&w=2\", \"name\": \"SSRT101739\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61711\", \"name\": \"61711\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142113462216480&w=2\", \"name\": \"HPSBOV03228\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383304022067&w=2\", \"name\": \"HPSBGN03141\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1311.html\", \"name\": \"RHSA-2014:1311\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61128\", \"name\": \"61128\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2014/dsa-3035\", \"name\": \"DSA-3035\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://support.citrix.com/article/CTX200217\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61471\", \"name\": \"61471\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/60055\", \"name\": \"60055\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash\", \"name\": \"20140926 GNU Bash Environmental Variable Command Injection Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61550\", \"name\": \"61550\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61633\", \"name\": \"61633\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686494\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-1306.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://kb.bluecoat.com/index?page=content&id=SA82\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html\", \"name\": \"SUSE-SU-2014:1259\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61328\", \"name\": \"61328\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685733\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61129\", \"name\": \"61129\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61700\", \"name\": \"61700\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61626\", \"name\": \"61626\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61603\", \"name\": \"61603\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/61857\", \"name\": \"61857\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T12:40:19.217Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2014-7169\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T19:31:47.209255Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-01-28\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2014-7169\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T19:31:37.755Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2014-09-24T00:00:00.000Z\", \"references\": [{\"url\": \"http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685749\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/09/24/32\", \"name\": \"[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141577137423233&w=2\", \"name\": \"HPSBMU03165\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141216668515282&w=2\", \"name\": \"HPSBHF03119\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383138121313&w=2\", \"name\": \"HPSBST03131\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142721162228379&w=2\", \"name\": \"SSRT101819\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/533593/100/0/threaded\", \"name\": \"20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142358026505815&w=2\", \"name\": \"HPSBMU03245\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html\", \"name\": \"openSUSE-SU-2014:1229\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686084\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686479\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/61188\", \"name\": \"61188\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://jvn.jp/en/jp/JVN55667175/index.html\", \"name\": \"JVN#55667175\", \"tags\": [\"third-party-advisory\", \"x_refsource_JVN\"]}, {\"url\": \"http://secunia.com/advisories/61676\", \"name\": \"61676\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html\", \"name\": \"openSUSE-SU-2014:1254\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/60433\", \"name\": \"60433\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383026420882&w=2\", \"name\": \"HPSBMU03143\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141585637922673&w=2\", \"name\": \"HPSBMU03182\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1306.html\", \"name\": \"RHSA-2014:1306\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141576728022234&w=2\", \"name\": \"HPSBST03155\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685541\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/61715\", \"name\": \"61715\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2363-2\", \"name\": \"USN-2363-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/61816\", \"name\": \"61816\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html\", \"name\": \"openSUSE-SU-2014:1310\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/61442\", \"name\": \"61442\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142358078406056&w=2\", \"name\": \"HPSBMU03246\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142805027510172&w=2\", \"name\": \"HPSBST03195\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/61283\", \"name\": \"61283\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142113462216480&w=2\", \"name\": \"SSRT101711\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content&id=SB10085\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html\", \"name\": \"openSUSE-SU-2014:1308\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/61654\", \"name\": \"61654\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.novell.com/support/kb/doc.php?id=7015701\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/62312\", \"name\": \"62312\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/59272\", \"name\": \"59272\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141319209015420&w=2\", \"name\": \"HPSBST03122\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141879528318582&w=2\", \"name\": \"HPSBMU03217\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1312.html\", \"name\": \"RHSA-2014:1312\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685604\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2363-1\", \"name\": \"USN-2363-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142118135300698&w=2\", \"name\": \"SSRT101868\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/61703\", \"name\": \"61703\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://support.apple.com/kb/HT6495\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/252743\", \"name\": \"VU#252743\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}, {\"url\": \"http://secunia.com/advisories/61065\", \"name\": \"61065\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-3075.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383196021590&w=2\", \"name\": \"HPSBST03129\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383081521087&w=2\", \"name\": \"HPSBMU03144\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686445\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://support.novell.com/security/cve/CVE-2014-7169.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686131\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126\", \"name\": \"JVNDB-2014-000126\", \"tags\": [\"third-party-advisory\", \"x_refsource_JVNDB\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141879528318582&w=2\", \"name\": \"SSRT101827\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.us-cert.gov/ncas/alerts/TA14-268A\", \"name\": \"TA14-268A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"http://secunia.com/advisories/61641\", \"name\": \"61641\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html\", \"name\": \"SUSE-SU-2014:1247\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/node/1200223\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html\", \"name\": \"SUSE-SU-2014:1287\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html\", \"name\": \"APPLE-SA-2014-10-16-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685914\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2014/Oct/0\", \"name\": \"20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2015:164\", \"name\": \"MDVSA-2015:164\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\"]}, {\"url\": \"http://secunia.com/advisories/61619\", \"name\": \"61619\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-3078.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142721162228379&w=2\", \"name\": \"HPSBMU03220\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/60325\", \"name\": \"60325\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/60024\", \"name\": \"60024\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.exploit-db.com/exploits/34879/\", \"name\": \"34879\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://secunia.com/advisories/61622\", \"name\": \"61622\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://access.redhat.com/articles/1200223\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/62343\", \"name\": \"62343\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://advisories.mageia.org/MGASA-2014-0393.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/61565\", \"name\": \"61565\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://www.suse.com/support/shellshock/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141450491804793&w=2\", \"name\": \"HPSBST03157\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/61313\", \"name\": \"61313\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142358026505815&w=2\", \"name\": \"SSRT101742\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/61873\", \"name\": \"61873\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/61485\", \"name\": \"61485\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html\", \"name\": \"openSUSE-SU-2014:1242\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/61618\", \"name\": \"61618\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/60947\", \"name\": \"60947\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.apple.com/kb/HT6535\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141577297623641&w=2\", \"name\": \"HPSBST03154\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383244821813&w=2\", \"name\": \"HPSBGN03142\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/61312\", \"name\": \"61312\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/60193\", \"name\": \"60193\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2014-0010.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/61479\", \"name\": \"61479\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/60063\", \"name\": \"60063\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/60034\", \"name\": \"60034\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141330425327438&w=2\", \"name\": \"HPSBMU03133\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://secunia.com/advisories/59907\", \"name\": \"59907\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/58200\", \"name\": \"58200\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141577241923505&w=2\", \"name\": \"HPSBST03181\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/61643\", \"name\": \"61643\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://twitter.com/taviso/statuses/514887394294652929\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.novell.com/support/kb/doc.php?id=7015721\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21687079\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/61503\", \"name\": \"61503\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686246\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1354.html\", \"name\": \"RHSA-2014:1354\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141216207813411&w=2\", \"name\": \"HPSBGN03117\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383465822787&w=2\", \"name\": \"HPSBHF03145\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.qnap.com/i/en/support/con_show.php?cid=61\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141694386919794&w=2\", \"name\": \"HPSBST03148\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/61552\", \"name\": \"61552\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/61780\", \"name\": \"61780\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.citrix.com/article/CTX200223\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-3077.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686447\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/62228\", \"name\": \"62228\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141330468527613&w=2\", \"name\": \"HPSBGN03138\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/61855\", \"name\": \"61855\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141235957116749&w=2\", \"name\": \"HPSBHF03124\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/60044\", \"name\": \"60044\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/61291\", \"name\": \"61291\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141345648114150&w=2\", \"name\": \"HPSBHF03125\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/59737\", \"name\": \"59737\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/61287\", \"name\": \"61287\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383353622268&w=2\", \"name\": \"HPSBHF03146\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142118135300698&w=2\", \"name\": \"HPSBGN03233\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142118135300698&w=2\", \"name\": \"SSRT101739\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/61711\", \"name\": \"61711\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=142113462216480&w=2\", \"name\": \"HPSBOV03228\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383304022067&w=2\", \"name\": \"HPSBGN03141\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1311.html\", \"name\": \"RHSA-2014:1311\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://secunia.com/advisories/61128\", \"name\": \"61128\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.debian.org/security/2014/dsa-3035\", \"name\": \"DSA-3035\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://support.citrix.com/article/CTX200217\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/61471\", \"name\": \"61471\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/60055\", \"name\": \"60055\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash\", \"name\": \"20140926 GNU Bash Environmental Variable Command Injection Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"http://secunia.com/advisories/61550\", \"name\": \"61550\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/61633\", \"name\": \"61633\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686494\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-1306.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://kb.bluecoat.com/index?page=content&id=SA82\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html\", \"name\": \"SUSE-SU-2014:1259\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://secunia.com/advisories/61328\", \"name\": \"61328\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685733\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://secunia.com/advisories/61129\", \"name\": \"61129\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/61700\", \"name\": \"61700\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/61626\", \"name\": \"61626\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/61603\", \"name\": \"61603\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://secunia.com/advisories/61857\", \"name\": \"61857\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2021-11-05T16:41:42.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html\", \"name\": \"http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685749\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685749\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/09/24/32\", \"name\": \"[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash\", \"refsource\": \"MLIST\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141577137423233&w=2\", \"name\": \"HPSBMU03165\", \"refsource\": \"HP\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141216668515282&w=2\", \"name\": \"HPSBHF03119\", \"refsource\": \"HP\"}, {\"url\": \"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts\", \"name\": \"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383138121313&w=2\", \"name\": \"HPSBST03131\", \"refsource\": \"HP\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142721162228379&w=2\", \"name\": \"SSRT101819\", \"refsource\": \"HP\"}, {\"url\": \"http://www.securityfocus.com/archive/1/533593/100/0/threaded\", \"name\": \"20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142358026505815&w=2\", \"name\": \"HPSBMU03245\", \"refsource\": \"HP\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html\", \"name\": \"openSUSE-SU-2014:1229\", \"refsource\": \"SUSE\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686084\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686084\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686479\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686479\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/61188\", \"name\": \"61188\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://jvn.jp/en/jp/JVN55667175/index.html\", \"name\": \"JVN#55667175\", \"refsource\": \"JVN\"}, {\"url\": \"http://secunia.com/advisories/61676\", \"name\": \"61676\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html\", \"name\": \"openSUSE-SU-2014:1254\", \"refsource\": \"SUSE\"}, {\"url\": \"http://secunia.com/advisories/60433\", \"name\": \"60433\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383026420882&w=2\", \"name\": \"HPSBMU03143\", \"refsource\": \"HP\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141585637922673&w=2\", \"name\": \"HPSBMU03182\", \"refsource\": \"HP\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1306.html\", \"name\": \"RHSA-2014:1306\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141576728022234&w=2\", \"name\": \"HPSBST03155\", \"refsource\": \"HP\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685541\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685541\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/61715\", \"name\": \"61715\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2363-2\", \"name\": \"USN-2363-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/61816\", \"name\": \"61816\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html\", \"name\": \"openSUSE-SU-2014:1310\", \"refsource\": \"SUSE\"}, {\"url\": \"http://secunia.com/advisories/61442\", \"name\": \"61442\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142358078406056&w=2\", \"name\": \"HPSBMU03246\", \"refsource\": \"HP\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142805027510172&w=2\", \"name\": \"HPSBST03195\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/61283\", \"name\": \"61283\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142113462216480&w=2\", \"name\": \"SSRT101711\", \"refsource\": \"HP\"}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content&id=SB10085\", \"name\": \"https://kc.mcafee.com/corporate/index?page=content&id=SB10085\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html\", \"name\": \"openSUSE-SU-2014:1308\", \"refsource\": \"SUSE\"}, {\"url\": \"http://secunia.com/advisories/61654\", \"name\": \"61654\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.novell.com/support/kb/doc.php?id=7015701\", \"name\": \"http://www.novell.com/support/kb/doc.php?id=7015701\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315\", \"name\": \"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/62312\", \"name\": \"62312\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/59272\", \"name\": \"59272\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141319209015420&w=2\", \"name\": \"HPSBST03122\", \"refsource\": \"HP\"}, {\"url\": \"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html\", \"name\": \"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141879528318582&w=2\", \"name\": \"HPSBMU03217\", \"refsource\": \"HP\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1312.html\", \"name\": \"RHSA-2014:1312\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685604\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685604\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2363-1\", \"name\": \"USN-2363-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142118135300698&w=2\", \"name\": \"SSRT101868\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/61703\", \"name\": \"61703\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://support.apple.com/kb/HT6495\", \"name\": \"http://support.apple.com/kb/HT6495\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/252743\", \"name\": \"VU#252743\", \"refsource\": \"CERT-VN\"}, {\"url\": \"http://secunia.com/advisories/61065\", \"name\": \"61065\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-3075.html\", \"name\": \"http://linux.oracle.com/errata/ELSA-2014-3075.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383196021590&w=2\", \"name\": \"HPSBST03129\", \"refsource\": \"HP\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383081521087&w=2\", \"name\": \"HPSBMU03144\", \"refsource\": \"HP\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686445\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686445\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://support.novell.com/security/cve/CVE-2014-7169.html\", \"name\": \"http://support.novell.com/security/cve/CVE-2014-7169.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686131\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686131\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126\", \"name\": \"JVNDB-2014-000126\", \"refsource\": \"JVNDB\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141879528318582&w=2\", \"name\": \"SSRT101827\", \"refsource\": \"HP\"}, {\"url\": \"http://www.us-cert.gov/ncas/alerts/TA14-268A\", \"name\": \"TA14-268A\", \"refsource\": \"CERT\"}, {\"url\": \"http://secunia.com/advisories/61641\", \"name\": \"61641\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html\", \"name\": \"SUSE-SU-2014:1247\", \"refsource\": \"SUSE\"}, {\"url\": \"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648\", \"name\": \"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/node/1200223\", \"name\": \"https://access.redhat.com/node/1200223\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html\", \"name\": \"SUSE-SU-2014:1287\", \"refsource\": \"SUSE\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html\", \"name\": \"APPLE-SA-2014-10-16-1\", \"refsource\": \"APPLE\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685914\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685914\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://seclists.org/fulldisclosure/2014/Oct/0\", \"name\": \"20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities\", \"refsource\": \"FULLDISC\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2015:164\", \"name\": \"MDVSA-2015:164\", \"refsource\": \"MANDRIVA\"}, {\"url\": \"http://secunia.com/advisories/61619\", \"name\": \"61619\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-3078.html\", \"name\": \"http://linux.oracle.com/errata/ELSA-2014-3078.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075\", \"name\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142721162228379&w=2\", \"name\": \"HPSBMU03220\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/60325\", \"name\": \"60325\", \"refsource\": \"SECUNIA\"}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes\", \"name\": \"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/60024\", \"name\": \"60024\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html\", \"name\": \"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.exploit-db.com/exploits/34879/\", \"name\": \"34879\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://secunia.com/advisories/61622\", \"name\": \"61622\", \"refsource\": \"SECUNIA\"}, {\"url\": \"https://access.redhat.com/articles/1200223\", \"name\": \"https://access.redhat.com/articles/1200223\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/62343\", \"name\": \"62343\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://advisories.mageia.org/MGASA-2014-0393.html\", \"name\": \"http://advisories.mageia.org/MGASA-2014-0393.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/61565\", \"name\": \"61565\", \"refsource\": \"SECUNIA\"}, {\"url\": \"https://www.suse.com/support/shellshock/\", \"name\": \"https://www.suse.com/support/shellshock/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141450491804793&w=2\", \"name\": \"HPSBST03157\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/61313\", \"name\": \"61313\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142358026505815&w=2\", \"name\": \"SSRT101742\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/61873\", \"name\": \"61873\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/61485\", \"name\": \"61485\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html\", \"name\": \"openSUSE-SU-2014:1242\", \"refsource\": \"SUSE\"}, {\"url\": \"http://secunia.com/advisories/61618\", \"name\": \"61618\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/60947\", \"name\": \"60947\", \"refsource\": \"SECUNIA\"}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183\", \"name\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.apple.com/kb/HT6535\", \"name\": \"https://support.apple.com/kb/HT6535\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141577297623641&w=2\", \"name\": \"HPSBST03154\", \"refsource\": \"HP\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383244821813&w=2\", \"name\": \"HPSBGN03142\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/61312\", \"name\": \"61312\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/60193\", \"name\": \"60193\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2014-0010.html\", \"name\": \"http://www.vmware.com/security/advisories/VMSA-2014-0010.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/61479\", \"name\": \"61479\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/60063\", \"name\": \"60063\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/60034\", \"name\": \"60034\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141330425327438&w=2\", \"name\": \"HPSBMU03133\", \"refsource\": \"HP\"}, {\"url\": \"http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html\", \"name\": \"http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://secunia.com/advisories/59907\", \"name\": \"59907\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/58200\", \"name\": \"58200\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141577241923505&w=2\", \"name\": \"HPSBST03181\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/61643\", \"name\": \"61643\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://twitter.com/taviso/statuses/514887394294652929\", \"name\": \"http://twitter.com/taviso/statuses/514887394294652929\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.novell.com/support/kb/doc.php?id=7015721\", \"name\": \"http://www.novell.com/support/kb/doc.php?id=7015721\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21687079\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21687079\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/61503\", \"name\": \"61503\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686246\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686246\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1354.html\", \"name\": \"RHSA-2014:1354\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141216207813411&w=2\", \"name\": \"HPSBGN03117\", \"refsource\": \"HP\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383465822787&w=2\", \"name\": \"HPSBHF03145\", \"refsource\": \"HP\"}, {\"url\": \"http://www.qnap.com/i/en/support/con_show.php?cid=61\", \"name\": \"http://www.qnap.com/i/en/support/con_show.php?cid=61\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141694386919794&w=2\", \"name\": \"HPSBST03148\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/61552\", \"name\": \"61552\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/61780\", \"name\": \"61780\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.citrix.com/article/CTX200223\", \"name\": \"https://support.citrix.com/article/CTX200223\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-3077.html\", \"name\": \"http://linux.oracle.com/errata/ELSA-2014-3077.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686447\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686447\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/62228\", \"name\": \"62228\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141330468527613&w=2\", \"name\": \"HPSBGN03138\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/61855\", \"name\": \"61855\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141235957116749&w=2\", \"name\": \"HPSBHF03124\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/60044\", \"name\": \"60044\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/61291\", \"name\": \"61291\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141345648114150&w=2\", \"name\": \"HPSBHF03125\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/59737\", \"name\": \"59737\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/61287\", \"name\": \"61287\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383353622268&w=2\", \"name\": \"HPSBHF03146\", \"refsource\": \"HP\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142118135300698&w=2\", \"name\": \"HPSBGN03233\", \"refsource\": \"HP\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142118135300698&w=2\", \"name\": \"SSRT101739\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/61711\", \"name\": \"61711\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=142113462216480&w=2\", \"name\": \"HPSBOV03228\", \"refsource\": \"HP\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq&m=141383304022067&w=2\", \"name\": \"HPSBGN03141\", \"refsource\": \"HP\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-1311.html\", \"name\": \"RHSA-2014:1311\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://secunia.com/advisories/61128\", \"name\": \"61128\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.debian.org/security/2014/dsa-3035\", \"name\": \"DSA-3035\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://support.citrix.com/article/CTX200217\", \"name\": \"https://support.citrix.com/article/CTX200217\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/61471\", \"name\": \"61471\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/60055\", \"name\": \"60055\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash\", \"name\": \"20140926 GNU Bash Environmental Variable Command Injection Vulnerability\", \"refsource\": \"CISCO\"}, {\"url\": \"http://secunia.com/advisories/61550\", \"name\": \"61550\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/61633\", \"name\": \"61633\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686494\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21686494\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://linux.oracle.com/errata/ELSA-2014-1306.html\", \"name\": \"http://linux.oracle.com/errata/ELSA-2014-1306.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://kb.bluecoat.com/index?page=content&id=SA82\", \"name\": \"https://kb.bluecoat.com/index?page=content&id=SA82\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html\", \"name\": \"SUSE-SU-2014:1259\", \"refsource\": \"SUSE\"}, {\"url\": \"http://secunia.com/advisories/61328\", \"name\": \"61328\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685733\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21685733\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://secunia.com/advisories/61129\", \"name\": \"61129\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/61700\", \"name\": \"61700\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/61626\", \"name\": \"61626\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/61603\", \"name\": \"61603\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://secunia.com/advisories/61857\", \"name\": \"61857\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879\", \"name\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006\", \"name\": \"https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2014-7169\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}", cveMetadata: "{\"cveId\": \"CVE-2014-7169\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-10T19:31:56.166Z\", \"dateReserved\": \"2014-09-24T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2014-09-25T01:00:00.000Z\", \"assignerShortName\": \"mitre\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
rhsa-2014_1354
Vulnerability from csaf_redhat
Published
2014-10-02 18:40
Modified
2024-12-15 18:38
Summary
Red Hat Security Advisory: rhev-hypervisor6 security update
Notes
Topic
An updated rhev-hypervisor6 package that fixes several security issues is
now available.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization
Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor
is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes
everything necessary to run and manage virtual machines: a subset of the
Red Hat Enterprise Linux operating environment and the Red Hat Enterprise
Virtualization Agent.
Note: Red Hat Enterprise Virtualization Hypervisor is only available for
the Intel 64 and AMD64 architectures with virtualization extensions.
A flaw was found in the way Bash evaluated certain specially crafted
environment variables. An attacker could use this flaw to override or
bypass environment restrictions to execute shell commands. Certain services
and applications allow remote unauthenticated attackers to provide
environment variables, allowing them to exploit this issue. (CVE-2014-6271)
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One)
input from certain RSA signatures. A remote attacker could use this flaw to
forge RSA certificates by providing a specially crafted signature to an
application using NSS. (CVE-2014-1568)
It was discovered that the fixed-sized redir_stack could be forced to
overflow in the Bash parser, resulting in memory corruption, and possibly
leading to arbitrary code execution when evaluating untrusted input that
would not otherwise be run as code. (CVE-2014-7186)
An off-by-one error was discovered in the way Bash was handling deeply
nested flow control constructs. Depending on the layout of the .bss
segment, this could allow arbitrary execution of code that would not
otherwise be executed by Bash. (CVE-2014-7187)
Red Hat would like to thank Stephane Chazelas for reporting CVE-2014-6271,
and the Mozilla project for reporting CVE-2014-1568. Upstream acknowledges
Antoine Delignat-Lavaud and Intel Product Security Incident Response Team
as the original reporters of CVE-2014-1568. The CVE-2014-7186 and
CVE-2014-7187 issues were discovered by Florian Weimer of Red Hat Product
Security.
Users of the Red Hat Enterprise Virtualization Hypervisor are advised to
upgrade to this updated package.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An updated rhev-hypervisor6 package that fixes several security issues is\nnow available.\n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", title: "Topic", }, { category: "general", text: "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way Bash evaluated certain specially crafted\nenvironment variables. An attacker could use this flaw to override or\nbypass environment restrictions to execute shell commands. Certain services\nand applications allow remote unauthenticated attackers to provide\nenvironment variables, allowing them to exploit this issue. (CVE-2014-6271)\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nA flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One)\ninput from certain RSA signatures. A remote attacker could use this flaw to\nforge RSA certificates by providing a specially crafted signature to an\napplication using NSS. (CVE-2014-1568)\n\nIt was discovered that the fixed-sized redir_stack could be forced to\noverflow in the Bash parser, resulting in memory corruption, and possibly\nleading to arbitrary code execution when evaluating untrusted input that\nwould not otherwise be run as code. (CVE-2014-7186)\n\nAn off-by-one error was discovered in the way Bash was handling deeply\nnested flow control constructs. Depending on the layout of the .bss\nsegment, this could allow arbitrary execution of code that would not\notherwise be executed by Bash. (CVE-2014-7187)\n\nRed Hat would like to thank Stephane Chazelas for reporting CVE-2014-6271,\nand the Mozilla project for reporting CVE-2014-1568. Upstream acknowledges\nAntoine Delignat-Lavaud and Intel Product Security Incident Response Team\nas the original reporters of CVE-2014-1568. The CVE-2014-7186 and\nCVE-2014-7187 issues were discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1354", url: "https://access.redhat.com/errata/RHSA-2014:1354", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#critical", url: "https://access.redhat.com/security/updates/classification/#critical", }, { category: "external", summary: "1141597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { category: "external", summary: "1145429", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1145429", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1354.json", }, ], title: "Red Hat Security Advisory: rhev-hypervisor6 security update", tracking: { current_release_date: "2024-12-15T18:38:44+00:00", generator: { date: "2024-12-15T18:38:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2014:1354", initial_release_date: "2014-10-02T18:40:05+00:00", revision_history: [ { date: "2014-10-02T18:40:05+00:00", number: "1", summary: "Initial version", }, { date: "2014-10-02T18:40:05+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-15T18:38:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHEV-M 3.4", product: { name: "RHEV-M 3.4", product_id: "6Server-RHEV-S-3.4", product_identification_helper: { cpe: "cpe:/a:redhat:rhev_manager:3", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", product: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", product_id: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1.el6ev?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", product: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", product_id: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1.el6ev?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch as a component of RHEV-M 3.4", product_id: "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", }, product_reference: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", relates_to_product_reference: "6Server-RHEV-S-3.4", }, { category: "default_component_of", full_product_name: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src as a component of RHEV-M 3.4", product_id: "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", }, product_reference: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", relates_to_product_reference: "6Server-RHEV-S-3.4", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Mozilla project", ], }, { names: [ "Antoine Delignat-Lavaud", "Intel Product Security Incident Response Team", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2014-1568", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2014-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1145429", }, ], notes: [ { category: "description", text: "A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS.", title: "Vulnerability description", }, { category: "summary", text: "nss: RSA PKCS#1 signature verification forgery flaw (MFSA 2014-73)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-1568", }, { category: "external", summary: "RHBZ#1145429", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1145429", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-1568", url: "https://www.cve.org/CVERecord?id=CVE-2014-1568", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-1568", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-1568", }, { category: "external", summary: "http://www.mozilla.org/security/announce/2014/mfsa2014-73.html", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-73.html", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nss: RSA PKCS#1 signature verification forgery flaw (MFSA 2014-73)", }, { cve: "CVE-2014-6271", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, discovery_date: "2014-09-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1141597", }, ], notes: [ { category: "description", text: "A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: specially-crafted environment variables can be used to inject shell commands", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-6271", }, { category: "external", summary: "RHBZ#1141597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-6271", url: "https://www.cve.org/CVERecord?id=CVE-2014-6271", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-6271", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-6271", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack", url: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Critical", }, ], title: "bash: specially-crafted environment variables can be used to inject shell commands", }, { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
rhsa-2014_1306
Vulnerability from csaf_redhat
Published
2014-09-26 01:46
Modified
2024-11-14 16:26
Summary
Red Hat Security Advisory: bash security update
Notes
Topic
[Updated September 30, 2014]
This advisory has been updated with information on restarting system
services after applying this update. No changes have been made to the
original packages.
Updated bash packages that fix one security issue are now available for Red
Hat Enterprise Linux 5, 6, and 7.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All bash users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "[Updated September 30, 2014]\nThis advisory has been updated with information on restarting system\nservices after applying this update. No changes have been made to the\noriginal packages.\n\nUpdated bash packages that fix one security issue are now available for Red\nHat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll bash users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1306", url: "https://access.redhat.com/errata/RHSA-2014:1306", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1306.json", }, ], title: "Red Hat Security Advisory: bash security update", tracking: { current_release_date: "2024-11-14T16:26:09+00:00", generator: { date: "2024-11-14T16:26:09+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2014:1306", initial_release_date: "2014-09-26T01:46:36+00:00", revision_history: [ { date: "2014-09-26T01:46:36+00:00", number: "1", summary: "Initial version", }, { date: "2014-09-30T16:02:45+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T16:26:09+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux (v. 5 server)", product: { name: "Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.src", product: { name: "bash-0:4.1.2-15.el6_5.2.src", product_id: "bash-0:4.1.2-15.el6_5.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.src", product: { name: "bash-0:4.2.45-5.el7_0.4.src", product_id: "bash-0:4.2.45-5.el7_0.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.src", product: { name: "bash-0:3.2-33.el5_11.4.src", product_id: "bash-0:3.2-33.el5_11.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=i686", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.i686", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686", product_id: "bash-doc-0:4.1.2-15.el6_5.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=i686", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.i686", product: { name: "bash-0:4.1.2-15.el6_5.2.i686", product_id: "bash-0:4.1.2-15.el6_5.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", product_id: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.x86_64", product: { name: "bash-0:4.1.2-15.el6_5.2.x86_64", product_id: "bash-0:4.1.2-15.el6_5.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", product: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", product_id: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.2.45-5.el7_0.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", product: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", product_id: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.2.45-5.el7_0.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.x86_64", product: { name: "bash-0:4.2.45-5.el7_0.4.x86_64", product_id: "bash-0:4.2.45-5.el7_0.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.x86_64", product: { name: "bash-0:3.2-33.el5_11.4.x86_64", product_id: "bash-0:3.2-33.el5_11.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.s390x", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x", product_id: "bash-doc-0:4.1.2-15.el6_5.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.s390x", product: { name: "bash-0:4.1.2-15.el6_5.2.s390x", product_id: "bash-0:4.1.2-15.el6_5.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", product: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", product_id: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.2.45-5.el7_0.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-doc-0:4.2.45-5.el7_0.4.s390x", product: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x", product_id: "bash-doc-0:4.2.45-5.el7_0.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.2.45-5.el7_0.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.s390x", product: { name: "bash-0:4.2.45-5.el7_0.4.s390x", product_id: "bash-0:4.2.45-5.el7_0.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.s390x", product: { name: "bash-0:3.2-33.el5_11.4.s390x", product_id: "bash-0:3.2-33.el5_11.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", product_id: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.ppc64", product: { name: "bash-0:4.1.2-15.el6_5.2.ppc64", product_id: "bash-0:4.1.2-15.el6_5.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", product: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", product_id: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.2.45-5.el7_0.4?arch=ppc64", }, }, }, { category: "product_version", name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", product: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", product_id: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.2.45-5.el7_0.4?arch=ppc64", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.ppc64", product: { name: "bash-0:4.2.45-5.el7_0.4.ppc64", product_id: "bash-0:4.2.45-5.el7_0.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.i386", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.i386", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.i386", product: { name: "bash-0:3.2-33.el5_11.4.i386", product_id: "bash-0:3.2-33.el5_11.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.ia64", product: { name: "bash-0:3.2-33.el5_11.4.ia64", product_id: "bash-0:3.2-33.el5_11.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=ppc", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.ppc", product: { name: "bash-0:3.2-33.el5_11.4.ppc", product_id: "bash-0:3.2-33.el5_11.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", }, product_reference: "bash-0:3.2-33.el5_11.4.src", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.src as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", }, product_reference: "bash-0:3.2-33.el5_11.4.src", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T01:46:36+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1306", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T01:46:36+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1306", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T01:46:36+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1306", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
rhsa-2014:1312
Vulnerability from csaf_redhat
Published
2014-09-26 21:28
Modified
2024-11-14 16:26
Summary
Red Hat Security Advisory: bash Shift_JIS security update
Notes
Topic
[Updated September 30, 2014]
This advisory has been updated with information on restarting system
services after applying this update. No changes have been made to the
original packages.
Updated bash Shift_JIS packages that fix one security issue are now
available for Red Hat Enterprise Linux 5 and 6.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
Shift_JIS, also known as "SJIS", is a character encoding for the Japanese
language. This package provides bash support for the Shift_JIS encoding.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All users who require Shift_JIS encoding support with Bash built-in
functions are advised to upgrade to these updated packages, which contain a
backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "[Updated September 30, 2014]\nThis advisory has been updated with information on restarting system\nservices after applying this update. No changes have been made to the\noriginal packages.\n\nUpdated bash Shift_JIS packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nShift_JIS, also known as \"SJIS\", is a character encoding for the Japanese\nlanguage. This package provides bash support for the Shift_JIS encoding.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll users who require Shift_JIS encoding support with Bash built-in\nfunctions are advised to upgrade to these updated packages, which contain a\nbackported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1312", url: "https://access.redhat.com/errata/RHSA-2014:1312", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1312.json", }, ], title: "Red Hat Security Advisory: bash Shift_JIS security update", tracking: { current_release_date: "2024-11-14T16:26:22+00:00", generator: { date: "2024-11-14T16:26:22+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2014:1312", initial_release_date: "2014-09-26T21:28:16+00:00", revision_history: [ { date: "2014-09-26T21:28:16+00:00", number: "1", summary: "Initial version", }, { date: "2014-09-30T15:08:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T16:26:22+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "S-JIS for Red Hat Enteprise Linux 6 Server", product: { name: "S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_sjis:6", }, }, }, { category: "product_name", name: "S-JIS for Red Hat Enteprise Linux 5 Server", product: { name: "S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_sjis:5", }, }, }, ], category: "product_family", name: "RHEL S-JIS Service", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", product: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", product_id: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis.2?arch=i686", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.1.sjis.2?arch=i686", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", product: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", product_id: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.1.sjis.2?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_id: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_id: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", product_id: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", product: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", product_id: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.src", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.src", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", product_id: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.1.sjis.2?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", product: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", product_id: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.1.sjis.2?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.i386", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.i386", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.i386 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.i386", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.ia64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.src as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.src", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.src as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T21:28:16+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1312", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T21:28:16+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1312", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T21:28:16+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1312", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
RHSA-2014:1306
Vulnerability from csaf_redhat
Published
2014-09-26 01:46
Modified
2025-03-19 13:58
Summary
Red Hat Security Advisory: bash security update
Notes
Topic
[Updated September 30, 2014]
This advisory has been updated with information on restarting system
services after applying this update. No changes have been made to the
original packages.
Updated bash packages that fix one security issue are now available for Red
Hat Enterprise Linux 5, 6, and 7.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All bash users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "[Updated September 30, 2014]\nThis advisory has been updated with information on restarting system\nservices after applying this update. No changes have been made to the\noriginal packages.\n\nUpdated bash packages that fix one security issue are now available for Red\nHat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll bash users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1306", url: "https://access.redhat.com/errata/RHSA-2014:1306", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1306.json", }, ], title: "Red Hat Security Advisory: bash security update", tracking: { current_release_date: "2025-03-19T13:58:19+00:00", generator: { date: "2025-03-19T13:58:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2014:1306", initial_release_date: "2014-09-26T01:46:36+00:00", revision_history: [ { date: "2014-09-26T01:46:36+00:00", number: "1", summary: "Initial version", }, { date: "2014-09-30T16:02:45+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T13:58:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux (v. 5 server)", product: { name: "Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.src", product: { name: "bash-0:4.1.2-15.el6_5.2.src", product_id: "bash-0:4.1.2-15.el6_5.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.src", product: { name: "bash-0:4.2.45-5.el7_0.4.src", product_id: "bash-0:4.2.45-5.el7_0.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.src", product: { name: "bash-0:3.2-33.el5_11.4.src", product_id: "bash-0:3.2-33.el5_11.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=i686", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.i686", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686", product_id: "bash-doc-0:4.1.2-15.el6_5.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=i686", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.i686", product: { name: "bash-0:4.1.2-15.el6_5.2.i686", product_id: "bash-0:4.1.2-15.el6_5.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", product_id: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.x86_64", product: { name: "bash-0:4.1.2-15.el6_5.2.x86_64", product_id: "bash-0:4.1.2-15.el6_5.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", product: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", product_id: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.2.45-5.el7_0.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", product: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", product_id: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.2.45-5.el7_0.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.x86_64", product: { name: "bash-0:4.2.45-5.el7_0.4.x86_64", product_id: "bash-0:4.2.45-5.el7_0.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.x86_64", product: { name: "bash-0:3.2-33.el5_11.4.x86_64", product_id: "bash-0:3.2-33.el5_11.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.s390x", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x", product_id: "bash-doc-0:4.1.2-15.el6_5.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.s390x", product: { name: "bash-0:4.1.2-15.el6_5.2.s390x", product_id: "bash-0:4.1.2-15.el6_5.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", product: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", product_id: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.2.45-5.el7_0.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-doc-0:4.2.45-5.el7_0.4.s390x", product: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x", product_id: "bash-doc-0:4.2.45-5.el7_0.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.2.45-5.el7_0.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.s390x", product: { name: "bash-0:4.2.45-5.el7_0.4.s390x", product_id: "bash-0:4.2.45-5.el7_0.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.s390x", product: { name: "bash-0:3.2-33.el5_11.4.s390x", product_id: "bash-0:3.2-33.el5_11.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", product_id: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.ppc64", product: { name: "bash-0:4.1.2-15.el6_5.2.ppc64", product_id: "bash-0:4.1.2-15.el6_5.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", product: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", product_id: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.2.45-5.el7_0.4?arch=ppc64", }, }, }, { category: "product_version", name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", product: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", product_id: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.2.45-5.el7_0.4?arch=ppc64", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.ppc64", product: { name: "bash-0:4.2.45-5.el7_0.4.ppc64", product_id: "bash-0:4.2.45-5.el7_0.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.i386", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.i386", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.i386", product: { name: "bash-0:3.2-33.el5_11.4.i386", product_id: "bash-0:3.2-33.el5_11.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.ia64", product: { name: "bash-0:3.2-33.el5_11.4.ia64", product_id: "bash-0:3.2-33.el5_11.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=ppc", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.ppc", product: { name: "bash-0:3.2-33.el5_11.4.ppc", product_id: "bash-0:3.2-33.el5_11.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", }, product_reference: "bash-0:3.2-33.el5_11.4.src", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.src as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", }, product_reference: "bash-0:3.2-33.el5_11.4.src", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T01:46:36+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1306", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T01:46:36+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1306", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T01:46:36+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1306", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
RHSA-2014:1354
Vulnerability from csaf_redhat
Published
2014-10-02 18:40
Modified
2024-12-15 18:38
Summary
Red Hat Security Advisory: rhev-hypervisor6 security update
Notes
Topic
An updated rhev-hypervisor6 package that fixes several security issues is
now available.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization
Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor
is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes
everything necessary to run and manage virtual machines: a subset of the
Red Hat Enterprise Linux operating environment and the Red Hat Enterprise
Virtualization Agent.
Note: Red Hat Enterprise Virtualization Hypervisor is only available for
the Intel 64 and AMD64 architectures with virtualization extensions.
A flaw was found in the way Bash evaluated certain specially crafted
environment variables. An attacker could use this flaw to override or
bypass environment restrictions to execute shell commands. Certain services
and applications allow remote unauthenticated attackers to provide
environment variables, allowing them to exploit this issue. (CVE-2014-6271)
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One)
input from certain RSA signatures. A remote attacker could use this flaw to
forge RSA certificates by providing a specially crafted signature to an
application using NSS. (CVE-2014-1568)
It was discovered that the fixed-sized redir_stack could be forced to
overflow in the Bash parser, resulting in memory corruption, and possibly
leading to arbitrary code execution when evaluating untrusted input that
would not otherwise be run as code. (CVE-2014-7186)
An off-by-one error was discovered in the way Bash was handling deeply
nested flow control constructs. Depending on the layout of the .bss
segment, this could allow arbitrary execution of code that would not
otherwise be executed by Bash. (CVE-2014-7187)
Red Hat would like to thank Stephane Chazelas for reporting CVE-2014-6271,
and the Mozilla project for reporting CVE-2014-1568. Upstream acknowledges
Antoine Delignat-Lavaud and Intel Product Security Incident Response Team
as the original reporters of CVE-2014-1568. The CVE-2014-7186 and
CVE-2014-7187 issues were discovered by Florian Weimer of Red Hat Product
Security.
Users of the Red Hat Enterprise Virtualization Hypervisor are advised to
upgrade to this updated package.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An updated rhev-hypervisor6 package that fixes several security issues is\nnow available.\n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", title: "Topic", }, { category: "general", text: "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way Bash evaluated certain specially crafted\nenvironment variables. An attacker could use this flaw to override or\nbypass environment restrictions to execute shell commands. Certain services\nand applications allow remote unauthenticated attackers to provide\nenvironment variables, allowing them to exploit this issue. (CVE-2014-6271)\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nA flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One)\ninput from certain RSA signatures. A remote attacker could use this flaw to\nforge RSA certificates by providing a specially crafted signature to an\napplication using NSS. (CVE-2014-1568)\n\nIt was discovered that the fixed-sized redir_stack could be forced to\noverflow in the Bash parser, resulting in memory corruption, and possibly\nleading to arbitrary code execution when evaluating untrusted input that\nwould not otherwise be run as code. (CVE-2014-7186)\n\nAn off-by-one error was discovered in the way Bash was handling deeply\nnested flow control constructs. Depending on the layout of the .bss\nsegment, this could allow arbitrary execution of code that would not\notherwise be executed by Bash. (CVE-2014-7187)\n\nRed Hat would like to thank Stephane Chazelas for reporting CVE-2014-6271,\nand the Mozilla project for reporting CVE-2014-1568. Upstream acknowledges\nAntoine Delignat-Lavaud and Intel Product Security Incident Response Team\nas the original reporters of CVE-2014-1568. The CVE-2014-7186 and\nCVE-2014-7187 issues were discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1354", url: "https://access.redhat.com/errata/RHSA-2014:1354", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#critical", url: "https://access.redhat.com/security/updates/classification/#critical", }, { category: "external", summary: "1141597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { category: "external", summary: "1145429", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1145429", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1354.json", }, ], title: "Red Hat Security Advisory: rhev-hypervisor6 security update", tracking: { current_release_date: "2024-12-15T18:38:44+00:00", generator: { date: "2024-12-15T18:38:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2014:1354", initial_release_date: "2014-10-02T18:40:05+00:00", revision_history: [ { date: "2014-10-02T18:40:05+00:00", number: "1", summary: "Initial version", }, { date: "2014-10-02T18:40:05+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-15T18:38:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHEV-M 3.4", product: { name: "RHEV-M 3.4", product_id: "6Server-RHEV-S-3.4", product_identification_helper: { cpe: "cpe:/a:redhat:rhev_manager:3", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", product: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", product_id: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1.el6ev?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", product: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", product_id: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1.el6ev?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch as a component of RHEV-M 3.4", product_id: "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", }, product_reference: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", relates_to_product_reference: "6Server-RHEV-S-3.4", }, { category: "default_component_of", full_product_name: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src as a component of RHEV-M 3.4", product_id: "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", }, product_reference: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", relates_to_product_reference: "6Server-RHEV-S-3.4", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Mozilla project", ], }, { names: [ "Antoine Delignat-Lavaud", "Intel Product Security Incident Response Team", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2014-1568", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2014-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1145429", }, ], notes: [ { category: "description", text: "A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS.", title: "Vulnerability description", }, { category: "summary", text: "nss: RSA PKCS#1 signature verification forgery flaw (MFSA 2014-73)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-1568", }, { category: "external", summary: "RHBZ#1145429", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1145429", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-1568", url: "https://www.cve.org/CVERecord?id=CVE-2014-1568", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-1568", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-1568", }, { category: "external", summary: "http://www.mozilla.org/security/announce/2014/mfsa2014-73.html", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-73.html", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nss: RSA PKCS#1 signature verification forgery flaw (MFSA 2014-73)", }, { cve: "CVE-2014-6271", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, discovery_date: "2014-09-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1141597", }, ], notes: [ { category: "description", text: "A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: specially-crafted environment variables can be used to inject shell commands", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-6271", }, { category: "external", summary: "RHBZ#1141597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-6271", url: "https://www.cve.org/CVERecord?id=CVE-2014-6271", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-6271", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-6271", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack", url: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Critical", }, ], title: "bash: specially-crafted environment variables can be used to inject shell commands", }, { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
rhsa-2014_1311
Vulnerability from csaf_redhat
Published
2014-09-26 17:58
Modified
2024-11-14 16:26
Summary
Red Hat Security Advisory: bash security update
Notes
Topic
[Updated September 30, 2014]
This advisory has been updated with information on restarting system
services after applying this update. No changes have been made to the
original packages.
Updated bash packages that fix one security issue are now available for Red
Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise
Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support,
Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat
Enterprise Linux 6.4 Extended Update Support.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All bash users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "[Updated September 30, 2014]\nThis advisory has been updated with information on restarting system\nservices after applying this update. No changes have been made to the\noriginal packages.\n\nUpdated bash packages that fix one security issue are now available for Red\nHat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise\nLinux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support,\nRed Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat\nEnterprise Linux 6.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll bash users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1311", url: "https://access.redhat.com/errata/RHSA-2014:1311", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1311.json", }, ], title: "Red Hat Security Advisory: bash security update", tracking: { current_release_date: "2024-11-14T16:26:16+00:00", generator: { date: "2024-11-14T16:26:16+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2014:1311", initial_release_date: "2014-09-26T17:58:08+00:00", revision_history: [ { date: "2014-09-26T17:58:08+00:00", number: "1", summary: "Initial version", }, { date: "2014-09-30T15:08:45+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T16:26:16+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 6.2)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_mission_critical:6.2::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_mission_critical:6.2::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Long Life (v. 5.6 server)", product: { name: "Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_mission_critical:5.6", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux EUS (v. 5.9 server)", product: { name: "Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:5.9", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AS (v. 4 ELS)", product: { name: "Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:4::as", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES (v. 4 ELS)", product: { name: "Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:4::es", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.src", product: { name: "bash-0:4.1.2-15.el6_4.2.src", product_id: "bash-0:4.1.2-15.el6_4.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:4.1.2-9.el6_2.2.src", product: { name: "bash-0:4.1.2-9.el6_2.2.src", product_id: "bash-0:4.1.2-9.el6_2.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-9.el6_2.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-24.el5_6.2.src", product: { name: "bash-0:3.2-24.el5_6.2.src", product_id: "bash-0:3.2-24.el5_6.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.src", product: { name: "bash-0:3.2-32.el5_9.3.src", product_id: "bash-0:3.2-32.el5_9.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.src", product: { name: "bash-0:3.0-27.el4.4.src", product_id: "bash-0:3.0-27.el4.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.s390x", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x", product_id: "bash-doc-0:4.1.2-15.el6_4.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.s390x", product: { name: "bash-0:4.1.2-15.el6_4.2.s390x", product_id: "bash-0:4.1.2-15.el6_4.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.s390x", product: { name: "bash-0:3.2-32.el5_9.3.s390x", product_id: "bash-0:3.2-32.el5_9.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=i686", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.i686", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686", product_id: "bash-doc-0:4.1.2-15.el6_4.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=i686", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.i686", product: { name: "bash-0:4.1.2-15.el6_4.2.i686", product_id: "bash-0:4.1.2-15.el6_4.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", product_id: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.x86_64", product: { name: "bash-0:4.1.2-15.el6_4.2.x86_64", product_id: "bash-0:4.1.2-15.el6_4.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-9.el6_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", product: { name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", product_id: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-9.el6_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-9.el6_2.2.x86_64", product: { name: "bash-0:4.1.2-9.el6_2.2.x86_64", product_id: "bash-0:4.1.2-9.el6_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-9.el6_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-24.el5_6.2.x86_64", product: { name: "bash-0:3.2-24.el5_6.2.x86_64", product_id: "bash-0:3.2-24.el5_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", product: { name: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", product_id: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-24.el5_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.x86_64", product: { name: "bash-0:3.2-32.el5_9.3.x86_64", product_id: "bash-0:3.2-32.el5_9.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.0-27.el4.4.x86_64", product: { name: "bash-debuginfo-0:3.0-27.el4.4.x86_64", product_id: "bash-debuginfo-0:3.0-27.el4.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.0-27.el4.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.x86_64", product: { name: "bash-0:3.0-27.el4.4.x86_64", product_id: "bash-0:3.0-27.el4.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", product_id: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.ppc64", product: { name: "bash-0:4.1.2-15.el6_4.2.ppc64", product_id: "bash-0:4.1.2-15.el6_4.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-24.el5_6.2.ia64", product: { name: "bash-0:3.2-24.el5_6.2.ia64", product_id: "bash-0:3.2-24.el5_6.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", product: { name: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", product_id: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-24.el5_6.2?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.ia64", product: { name: "bash-0:3.2-32.el5_9.3.ia64", product_id: "bash-0:3.2-32.el5_9.3.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.0-27.el4.4.ia64", product: { name: "bash-debuginfo-0:3.0-27.el4.4.ia64", product_id: "bash-debuginfo-0:3.0-27.el4.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.0-27.el4.4?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.ia64", product: { name: "bash-0:3.0-27.el4.4.ia64", product_id: "bash-0:3.0-27.el4.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-24.el5_6.2.i386", product: { name: "bash-0:3.2-24.el5_6.2.i386", product_id: "bash-0:3.2-24.el5_6.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-24.el5_6.2.i386", product: { name: "bash-debuginfo-0:3.2-24.el5_6.2.i386", product_id: "bash-debuginfo-0:3.2-24.el5_6.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-24.el5_6.2?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.i386", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.i386", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.i386", product: { name: "bash-0:3.2-32.el5_9.3.i386", product_id: "bash-0:3.2-32.el5_9.3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.0-27.el4.4.i386", product: { name: "bash-debuginfo-0:3.0-27.el4.4.i386", product_id: "bash-debuginfo-0:3.0-27.el4.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.0-27.el4.4?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.i386", product: { name: "bash-0:3.0-27.el4.4.i386", product_id: "bash-0:3.0-27.el4.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=ppc", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.ppc", product: { name: "bash-0:3.2-32.el5_9.3.ppc", product_id: "bash-0:3.2-32.el5_9.3.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.i386", }, product_reference: "bash-0:3.0-27.el4.4.i386", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.ia64", }, product_reference: "bash-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.src as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.src", }, product_reference: "bash-0:3.0-27.el4.4.src", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.i386", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.i386", }, product_reference: "bash-0:3.0-27.el4.4.i386", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.ia64", }, product_reference: "bash-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.src as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.src", }, product_reference: "bash-0:3.0-27.el4.4.src", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.i386", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", }, product_reference: "bash-0:3.2-24.el5_6.2.i386", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", }, product_reference: "bash-0:3.2-24.el5_6.2.ia64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.src as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", }, product_reference: "bash-0:3.2-24.el5_6.2.src", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", }, product_reference: "bash-0:3.2-24.el5_6.2.x86_64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-24.el5_6.2.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", }, product_reference: "bash-debuginfo-0:3.2-24.el5_6.2.i386", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-24.el5_6.2.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", }, product_reference: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", }, product_reference: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.i386 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", }, product_reference: "bash-0:3.2-32.el5_9.3.i386", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.ia64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", }, product_reference: "bash-0:3.2-32.el5_9.3.ia64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.ppc as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", }, product_reference: "bash-0:3.2-32.el5_9.3.ppc", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.s390x as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", }, product_reference: "bash-0:3.2-32.el5_9.3.s390x", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.src as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", }, product_reference: "bash-0:3.2-32.el5_9.3.src", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.x86_64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", }, product_reference: "bash-0:3.2-32.el5_9.3.x86_64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.i386 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.i386", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ia64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ppc as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.s390x as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.src as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", }, product_reference: "bash-0:4.1.2-9.el6_2.2.src", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", }, product_reference: "bash-0:4.1.2-9.el6_2.2.src", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T17:58:08+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1311", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T17:58:08+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1311", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T17:58:08+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1311", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
RHSA-2014:1312
Vulnerability from csaf_redhat
Published
2014-09-26 21:28
Modified
2024-11-14 16:26
Summary
Red Hat Security Advisory: bash Shift_JIS security update
Notes
Topic
[Updated September 30, 2014]
This advisory has been updated with information on restarting system
services after applying this update. No changes have been made to the
original packages.
Updated bash Shift_JIS packages that fix one security issue are now
available for Red Hat Enterprise Linux 5 and 6.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
Shift_JIS, also known as "SJIS", is a character encoding for the Japanese
language. This package provides bash support for the Shift_JIS encoding.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All users who require Shift_JIS encoding support with Bash built-in
functions are advised to upgrade to these updated packages, which contain a
backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "[Updated September 30, 2014]\nThis advisory has been updated with information on restarting system\nservices after applying this update. No changes have been made to the\noriginal packages.\n\nUpdated bash Shift_JIS packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nShift_JIS, also known as \"SJIS\", is a character encoding for the Japanese\nlanguage. This package provides bash support for the Shift_JIS encoding.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll users who require Shift_JIS encoding support with Bash built-in\nfunctions are advised to upgrade to these updated packages, which contain a\nbackported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1312", url: "https://access.redhat.com/errata/RHSA-2014:1312", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1312.json", }, ], title: "Red Hat Security Advisory: bash Shift_JIS security update", tracking: { current_release_date: "2024-11-14T16:26:22+00:00", generator: { date: "2024-11-14T16:26:22+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2014:1312", initial_release_date: "2014-09-26T21:28:16+00:00", revision_history: [ { date: "2014-09-26T21:28:16+00:00", number: "1", summary: "Initial version", }, { date: "2014-09-30T15:08:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T16:26:22+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "S-JIS for Red Hat Enteprise Linux 6 Server", product: { name: "S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_sjis:6", }, }, }, { category: "product_name", name: "S-JIS for Red Hat Enteprise Linux 5 Server", product: { name: "S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_sjis:5", }, }, }, ], category: "product_family", name: "RHEL S-JIS Service", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", product: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", product_id: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis.2?arch=i686", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.1.sjis.2?arch=i686", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", product: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", product_id: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.1.sjis.2?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_id: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_id: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", product_id: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", product: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", product_id: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.src", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.src", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", product_id: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.1.sjis.2?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", product: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", product_id: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.1.sjis.2?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.i386", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.i386", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.i386 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.i386", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.ia64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.src as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.src", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.src as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T21:28:16+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1312", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T21:28:16+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1312", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T21:28:16+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1312", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
rhsa-2014_1312
Vulnerability from csaf_redhat
Published
2014-09-26 21:28
Modified
2024-11-14 16:26
Summary
Red Hat Security Advisory: bash Shift_JIS security update
Notes
Topic
[Updated September 30, 2014]
This advisory has been updated with information on restarting system
services after applying this update. No changes have been made to the
original packages.
Updated bash Shift_JIS packages that fix one security issue are now
available for Red Hat Enterprise Linux 5 and 6.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
Shift_JIS, also known as "SJIS", is a character encoding for the Japanese
language. This package provides bash support for the Shift_JIS encoding.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All users who require Shift_JIS encoding support with Bash built-in
functions are advised to upgrade to these updated packages, which contain a
backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "[Updated September 30, 2014]\nThis advisory has been updated with information on restarting system\nservices after applying this update. No changes have been made to the\noriginal packages.\n\nUpdated bash Shift_JIS packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nShift_JIS, also known as \"SJIS\", is a character encoding for the Japanese\nlanguage. This package provides bash support for the Shift_JIS encoding.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll users who require Shift_JIS encoding support with Bash built-in\nfunctions are advised to upgrade to these updated packages, which contain a\nbackported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1312", url: "https://access.redhat.com/errata/RHSA-2014:1312", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1312.json", }, ], title: "Red Hat Security Advisory: bash Shift_JIS security update", tracking: { current_release_date: "2024-11-14T16:26:22+00:00", generator: { date: "2024-11-14T16:26:22+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2014:1312", initial_release_date: "2014-09-26T21:28:16+00:00", revision_history: [ { date: "2014-09-26T21:28:16+00:00", number: "1", summary: "Initial version", }, { date: "2014-09-30T15:08:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T16:26:22+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "S-JIS for Red Hat Enteprise Linux 6 Server", product: { name: "S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_sjis:6", }, }, }, { category: "product_name", name: "S-JIS for Red Hat Enteprise Linux 5 Server", product: { name: "S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_sjis:5", }, }, }, ], category: "product_family", name: "RHEL S-JIS Service", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", product: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", product_id: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis.2?arch=i686", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.1.sjis.2?arch=i686", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", product: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", product_id: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.1.sjis.2?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_id: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_id: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", product_id: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.1.sjis.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", product: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", product_id: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.1.sjis.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.src", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.src", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", product_id: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.1.sjis.2?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", product: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", product_id: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.1.sjis.2?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.1.sjis.2.i386", product: { name: "bash-0:3.2-33.el5_11.1.sjis.2.i386", product_id: "bash-0:3.2-33.el5_11.1.sjis.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.1.sjis.2?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.i386 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.i386", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.ia64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.ia64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.src as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.src", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", }, product_reference: "bash-0:3.2-33.el5_11.1.sjis.2.x86_64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 5 Server", product_id: "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", relates_to_product_reference: "5Server-SJIS-5.11.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.1.sjis.2.i686", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.src as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.1.sjis.2.src", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64 as a component of S-JIS for Red Hat Enteprise Linux 6 Server", product_id: "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", relates_to_product_reference: "6Server-SJIS-6.5.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T21:28:16+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1312", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T21:28:16+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1312", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T21:28:16+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1312", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.src", "5Server-SJIS-5.11.z:bash-0:3.2-33.el5_11.1.sjis.2.x86_64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.i386", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.ia64", "5Server-SJIS-5.11.z:bash-debuginfo-0:3.2-33.el5_11.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.src", "6Server-SJIS-6.5.Z:bash-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-debuginfo-0:4.1.2-15.el6_5.1.sjis.2.x86_64", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.i686", "6Server-SJIS-6.5.Z:bash-doc-0:4.1.2-15.el6_5.1.sjis.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
rhsa-2014:1354
Vulnerability from csaf_redhat
Published
2014-10-02 18:40
Modified
2024-12-15 18:38
Summary
Red Hat Security Advisory: rhev-hypervisor6 security update
Notes
Topic
An updated rhev-hypervisor6 package that fixes several security issues is
now available.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization
Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor
is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes
everything necessary to run and manage virtual machines: a subset of the
Red Hat Enterprise Linux operating environment and the Red Hat Enterprise
Virtualization Agent.
Note: Red Hat Enterprise Virtualization Hypervisor is only available for
the Intel 64 and AMD64 architectures with virtualization extensions.
A flaw was found in the way Bash evaluated certain specially crafted
environment variables. An attacker could use this flaw to override or
bypass environment restrictions to execute shell commands. Certain services
and applications allow remote unauthenticated attackers to provide
environment variables, allowing them to exploit this issue. (CVE-2014-6271)
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One)
input from certain RSA signatures. A remote attacker could use this flaw to
forge RSA certificates by providing a specially crafted signature to an
application using NSS. (CVE-2014-1568)
It was discovered that the fixed-sized redir_stack could be forced to
overflow in the Bash parser, resulting in memory corruption, and possibly
leading to arbitrary code execution when evaluating untrusted input that
would not otherwise be run as code. (CVE-2014-7186)
An off-by-one error was discovered in the way Bash was handling deeply
nested flow control constructs. Depending on the layout of the .bss
segment, this could allow arbitrary execution of code that would not
otherwise be executed by Bash. (CVE-2014-7187)
Red Hat would like to thank Stephane Chazelas for reporting CVE-2014-6271,
and the Mozilla project for reporting CVE-2014-1568. Upstream acknowledges
Antoine Delignat-Lavaud and Intel Product Security Incident Response Team
as the original reporters of CVE-2014-1568. The CVE-2014-7186 and
CVE-2014-7187 issues were discovered by Florian Weimer of Red Hat Product
Security.
Users of the Red Hat Enterprise Virtualization Hypervisor are advised to
upgrade to this updated package.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An updated rhev-hypervisor6 package that fixes several security issues is\nnow available.\n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", title: "Topic", }, { category: "general", text: "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way Bash evaluated certain specially crafted\nenvironment variables. An attacker could use this flaw to override or\nbypass environment restrictions to execute shell commands. Certain services\nand applications allow remote unauthenticated attackers to provide\nenvironment variables, allowing them to exploit this issue. (CVE-2014-6271)\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nA flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One)\ninput from certain RSA signatures. A remote attacker could use this flaw to\nforge RSA certificates by providing a specially crafted signature to an\napplication using NSS. (CVE-2014-1568)\n\nIt was discovered that the fixed-sized redir_stack could be forced to\noverflow in the Bash parser, resulting in memory corruption, and possibly\nleading to arbitrary code execution when evaluating untrusted input that\nwould not otherwise be run as code. (CVE-2014-7186)\n\nAn off-by-one error was discovered in the way Bash was handling deeply\nnested flow control constructs. Depending on the layout of the .bss\nsegment, this could allow arbitrary execution of code that would not\notherwise be executed by Bash. (CVE-2014-7187)\n\nRed Hat would like to thank Stephane Chazelas for reporting CVE-2014-6271,\nand the Mozilla project for reporting CVE-2014-1568. Upstream acknowledges\nAntoine Delignat-Lavaud and Intel Product Security Incident Response Team\nas the original reporters of CVE-2014-1568. The CVE-2014-7186 and\nCVE-2014-7187 issues were discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1354", url: "https://access.redhat.com/errata/RHSA-2014:1354", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#critical", url: "https://access.redhat.com/security/updates/classification/#critical", }, { category: "external", summary: "1141597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { category: "external", summary: "1145429", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1145429", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1354.json", }, ], title: "Red Hat Security Advisory: rhev-hypervisor6 security update", tracking: { current_release_date: "2024-12-15T18:38:44+00:00", generator: { date: "2024-12-15T18:38:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2014:1354", initial_release_date: "2014-10-02T18:40:05+00:00", revision_history: [ { date: "2014-10-02T18:40:05+00:00", number: "1", summary: "Initial version", }, { date: "2014-10-02T18:40:05+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-15T18:38:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHEV-M 3.4", product: { name: "RHEV-M 3.4", product_id: "6Server-RHEV-S-3.4", product_identification_helper: { cpe: "cpe:/a:redhat:rhev_manager:3", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", product: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", product_id: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1.el6ev?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", product: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", product_id: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhev-hypervisor6@6.5-20140930.1.el6ev?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch as a component of RHEV-M 3.4", product_id: "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", }, product_reference: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", relates_to_product_reference: "6Server-RHEV-S-3.4", }, { category: "default_component_of", full_product_name: { name: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src as a component of RHEV-M 3.4", product_id: "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", }, product_reference: "rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", relates_to_product_reference: "6Server-RHEV-S-3.4", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Mozilla project", ], }, { names: [ "Antoine Delignat-Lavaud", "Intel Product Security Incident Response Team", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2014-1568", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, discovery_date: "2014-09-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1145429", }, ], notes: [ { category: "description", text: "A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS.", title: "Vulnerability description", }, { category: "summary", text: "nss: RSA PKCS#1 signature verification forgery flaw (MFSA 2014-73)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-1568", }, { category: "external", summary: "RHBZ#1145429", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1145429", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-1568", url: "https://www.cve.org/CVERecord?id=CVE-2014-1568", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-1568", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-1568", }, { category: "external", summary: "http://www.mozilla.org/security/announce/2014/mfsa2014-73.html", url: "http://www.mozilla.org/security/announce/2014/mfsa2014-73.html", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "nss: RSA PKCS#1 signature verification forgery flaw (MFSA 2014-73)", }, { cve: "CVE-2014-6271", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, discovery_date: "2014-09-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1141597", }, ], notes: [ { category: "description", text: "A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: specially-crafted environment variables can be used to inject shell commands", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-6271", }, { category: "external", summary: "RHBZ#1141597", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-6271", url: "https://www.cve.org/CVERecord?id=CVE-2014-6271", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-6271", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-6271", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack", url: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Critical", }, ], title: "bash: specially-crafted environment variables can be used to inject shell commands", }, { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-10-02T18:40:05+00:00", details: "This update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\nTo upgrade Hypervisors in Red Hat Enterprise Virtualization environments\nusing the disk image provided by this package, refer to:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Enterprise_Virtualization_Hypervisors.html", product_ids: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1354", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.noarch", "6Server-RHEV-S-3.4:rhev-hypervisor6-0:6.5-20140930.1.el6ev.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
RHSA-2014:1311
Vulnerability from csaf_redhat
Published
2014-09-26 17:58
Modified
2024-11-14 16:26
Summary
Red Hat Security Advisory: bash security update
Notes
Topic
[Updated September 30, 2014]
This advisory has been updated with information on restarting system
services after applying this update. No changes have been made to the
original packages.
Updated bash packages that fix one security issue are now available for Red
Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise
Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support,
Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat
Enterprise Linux 6.4 Extended Update Support.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All bash users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "[Updated September 30, 2014]\nThis advisory has been updated with information on restarting system\nservices after applying this update. No changes have been made to the\noriginal packages.\n\nUpdated bash packages that fix one security issue are now available for Red\nHat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise\nLinux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support,\nRed Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat\nEnterprise Linux 6.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll bash users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1311", url: "https://access.redhat.com/errata/RHSA-2014:1311", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1311.json", }, ], title: "Red Hat Security Advisory: bash security update", tracking: { current_release_date: "2024-11-14T16:26:16+00:00", generator: { date: "2024-11-14T16:26:16+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2014:1311", initial_release_date: "2014-09-26T17:58:08+00:00", revision_history: [ { date: "2014-09-26T17:58:08+00:00", number: "1", summary: "Initial version", }, { date: "2014-09-30T15:08:45+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T16:26:16+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 6.2)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_mission_critical:6.2::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_mission_critical:6.2::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Long Life (v. 5.6 server)", product: { name: "Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_mission_critical:5.6", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux EUS (v. 5.9 server)", product: { name: "Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:5.9", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AS (v. 4 ELS)", product: { name: "Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:4::as", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES (v. 4 ELS)", product: { name: "Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:4::es", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.src", product: { name: "bash-0:4.1.2-15.el6_4.2.src", product_id: "bash-0:4.1.2-15.el6_4.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:4.1.2-9.el6_2.2.src", product: { name: "bash-0:4.1.2-9.el6_2.2.src", product_id: "bash-0:4.1.2-9.el6_2.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-9.el6_2.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-24.el5_6.2.src", product: { name: "bash-0:3.2-24.el5_6.2.src", product_id: "bash-0:3.2-24.el5_6.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.src", product: { name: "bash-0:3.2-32.el5_9.3.src", product_id: "bash-0:3.2-32.el5_9.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.src", product: { name: "bash-0:3.0-27.el4.4.src", product_id: "bash-0:3.0-27.el4.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.s390x", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x", product_id: "bash-doc-0:4.1.2-15.el6_4.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.s390x", product: { name: "bash-0:4.1.2-15.el6_4.2.s390x", product_id: "bash-0:4.1.2-15.el6_4.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.s390x", product: { name: "bash-0:3.2-32.el5_9.3.s390x", product_id: "bash-0:3.2-32.el5_9.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=i686", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.i686", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686", product_id: "bash-doc-0:4.1.2-15.el6_4.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=i686", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.i686", product: { name: "bash-0:4.1.2-15.el6_4.2.i686", product_id: "bash-0:4.1.2-15.el6_4.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", product_id: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.x86_64", product: { name: "bash-0:4.1.2-15.el6_4.2.x86_64", product_id: "bash-0:4.1.2-15.el6_4.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-9.el6_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", product: { name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", product_id: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-9.el6_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-9.el6_2.2.x86_64", product: { name: "bash-0:4.1.2-9.el6_2.2.x86_64", product_id: "bash-0:4.1.2-9.el6_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-9.el6_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-24.el5_6.2.x86_64", product: { name: "bash-0:3.2-24.el5_6.2.x86_64", product_id: "bash-0:3.2-24.el5_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", product: { name: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", product_id: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-24.el5_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.x86_64", product: { name: "bash-0:3.2-32.el5_9.3.x86_64", product_id: "bash-0:3.2-32.el5_9.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.0-27.el4.4.x86_64", product: { name: "bash-debuginfo-0:3.0-27.el4.4.x86_64", product_id: "bash-debuginfo-0:3.0-27.el4.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.0-27.el4.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.x86_64", product: { name: "bash-0:3.0-27.el4.4.x86_64", product_id: "bash-0:3.0-27.el4.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", product_id: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.ppc64", product: { name: "bash-0:4.1.2-15.el6_4.2.ppc64", product_id: "bash-0:4.1.2-15.el6_4.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-24.el5_6.2.ia64", product: { name: "bash-0:3.2-24.el5_6.2.ia64", product_id: "bash-0:3.2-24.el5_6.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", product: { name: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", product_id: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-24.el5_6.2?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.ia64", product: { name: "bash-0:3.2-32.el5_9.3.ia64", product_id: "bash-0:3.2-32.el5_9.3.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.0-27.el4.4.ia64", product: { name: "bash-debuginfo-0:3.0-27.el4.4.ia64", product_id: "bash-debuginfo-0:3.0-27.el4.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.0-27.el4.4?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.ia64", product: { name: "bash-0:3.0-27.el4.4.ia64", product_id: "bash-0:3.0-27.el4.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-24.el5_6.2.i386", product: { name: "bash-0:3.2-24.el5_6.2.i386", product_id: "bash-0:3.2-24.el5_6.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-24.el5_6.2.i386", product: { name: "bash-debuginfo-0:3.2-24.el5_6.2.i386", product_id: "bash-debuginfo-0:3.2-24.el5_6.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-24.el5_6.2?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.i386", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.i386", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.i386", product: { name: "bash-0:3.2-32.el5_9.3.i386", product_id: "bash-0:3.2-32.el5_9.3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.0-27.el4.4.i386", product: { name: "bash-debuginfo-0:3.0-27.el4.4.i386", product_id: "bash-debuginfo-0:3.0-27.el4.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.0-27.el4.4?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.i386", product: { name: "bash-0:3.0-27.el4.4.i386", product_id: "bash-0:3.0-27.el4.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=ppc", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.ppc", product: { name: "bash-0:3.2-32.el5_9.3.ppc", product_id: "bash-0:3.2-32.el5_9.3.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.i386", }, product_reference: "bash-0:3.0-27.el4.4.i386", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.ia64", }, product_reference: "bash-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.src as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.src", }, product_reference: "bash-0:3.0-27.el4.4.src", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.i386", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.i386", }, product_reference: "bash-0:3.0-27.el4.4.i386", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.ia64", }, product_reference: "bash-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.src as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.src", }, product_reference: "bash-0:3.0-27.el4.4.src", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.i386", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", }, product_reference: "bash-0:3.2-24.el5_6.2.i386", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", }, product_reference: "bash-0:3.2-24.el5_6.2.ia64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.src as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", }, product_reference: "bash-0:3.2-24.el5_6.2.src", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", }, product_reference: "bash-0:3.2-24.el5_6.2.x86_64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-24.el5_6.2.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", }, product_reference: "bash-debuginfo-0:3.2-24.el5_6.2.i386", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-24.el5_6.2.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", }, product_reference: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", }, product_reference: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.i386 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", }, product_reference: "bash-0:3.2-32.el5_9.3.i386", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.ia64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", }, product_reference: "bash-0:3.2-32.el5_9.3.ia64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.ppc as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", }, product_reference: "bash-0:3.2-32.el5_9.3.ppc", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.s390x as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", }, product_reference: "bash-0:3.2-32.el5_9.3.s390x", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.src as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", }, product_reference: "bash-0:3.2-32.el5_9.3.src", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.x86_64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", }, product_reference: "bash-0:3.2-32.el5_9.3.x86_64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.i386 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.i386", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ia64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ppc as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.s390x as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.src as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", }, product_reference: "bash-0:4.1.2-9.el6_2.2.src", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", }, product_reference: "bash-0:4.1.2-9.el6_2.2.src", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T17:58:08+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1311", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T17:58:08+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1311", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T17:58:08+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1311", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
rhsa-2014:1306
Vulnerability from csaf_redhat
Published
2014-09-26 01:46
Modified
2025-03-19 13:58
Summary
Red Hat Security Advisory: bash security update
Notes
Topic
[Updated September 30, 2014]
This advisory has been updated with information on restarting system
services after applying this update. No changes have been made to the
original packages.
Updated bash packages that fix one security issue are now available for Red
Hat Enterprise Linux 5, 6, and 7.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All bash users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "[Updated September 30, 2014]\nThis advisory has been updated with information on restarting system\nservices after applying this update. No changes have been made to the\noriginal packages.\n\nUpdated bash packages that fix one security issue are now available for Red\nHat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll bash users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1306", url: "https://access.redhat.com/errata/RHSA-2014:1306", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1306.json", }, ], title: "Red Hat Security Advisory: bash security update", tracking: { current_release_date: "2025-03-19T13:58:19+00:00", generator: { date: "2025-03-19T13:58:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2014:1306", initial_release_date: "2014-09-26T01:46:36+00:00", revision_history: [ { date: "2014-09-26T01:46:36+00:00", number: "1", summary: "Initial version", }, { date: "2014-09-30T16:02:45+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T13:58:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product: { name: "Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 6)", product: { name: "Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:6::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux (v. 5 server)", product: { name: "Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.src", product: { name: "bash-0:4.1.2-15.el6_5.2.src", product_id: "bash-0:4.1.2-15.el6_5.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.src", product: { name: "bash-0:4.2.45-5.el7_0.4.src", product_id: "bash-0:4.2.45-5.el7_0.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.src", product: { name: "bash-0:3.2-33.el5_11.4.src", product_id: "bash-0:3.2-33.el5_11.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=i686", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.i686", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686", product_id: "bash-doc-0:4.1.2-15.el6_5.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=i686", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.i686", product: { name: "bash-0:4.1.2-15.el6_5.2.i686", product_id: "bash-0:4.1.2-15.el6_5.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", product_id: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.x86_64", product: { name: "bash-0:4.1.2-15.el6_5.2.x86_64", product_id: "bash-0:4.1.2-15.el6_5.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", product: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", product_id: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.2.45-5.el7_0.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", product: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", product_id: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.2.45-5.el7_0.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.x86_64", product: { name: "bash-0:4.2.45-5.el7_0.4.x86_64", product_id: "bash-0:4.2.45-5.el7_0.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.x86_64", product: { name: "bash-0:3.2-33.el5_11.4.x86_64", product_id: "bash-0:3.2-33.el5_11.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.s390x", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x", product_id: "bash-doc-0:4.1.2-15.el6_5.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.s390x", product: { name: "bash-0:4.1.2-15.el6_5.2.s390x", product_id: "bash-0:4.1.2-15.el6_5.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", product: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", product_id: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.2.45-5.el7_0.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-doc-0:4.2.45-5.el7_0.4.s390x", product: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x", product_id: "bash-doc-0:4.2.45-5.el7_0.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.2.45-5.el7_0.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.s390x", product: { name: "bash-0:4.2.45-5.el7_0.4.s390x", product_id: "bash-0:4.2.45-5.el7_0.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.s390x", product: { name: "bash-0:3.2-33.el5_11.4.s390x", product_id: "bash-0:3.2-33.el5_11.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", product_id: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_5.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", product: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", product_id: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_5.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_5.2.ppc64", product: { name: "bash-0:4.1.2-15.el6_5.2.ppc64", product_id: "bash-0:4.1.2-15.el6_5.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_5.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", product: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", product_id: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.2.45-5.el7_0.4?arch=ppc64", }, }, }, { category: "product_version", name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", product: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", product_id: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.2.45-5.el7_0.4?arch=ppc64", }, }, }, { category: "product_version", name: "bash-0:4.2.45-5.el7_0.4.ppc64", product: { name: "bash-0:4.2.45-5.el7_0.4.ppc64", product_id: "bash-0:4.2.45-5.el7_0.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.2.45-5.el7_0.4?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.i386", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.i386", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.i386", product: { name: "bash-0:3.2-33.el5_11.4.i386", product_id: "bash-0:3.2-33.el5_11.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.ia64", product: { name: "bash-0:3.2-33.el5_11.4.ia64", product_id: "bash-0:3.2-33.el5_11.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", product: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", product_id: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-33.el5_11.4?arch=ppc", }, }, }, { category: "product_version", name: "bash-0:3.2-33.el5_11.4.ppc", product: { name: "bash-0:3.2-33.el5_11.4.ppc", product_id: "bash-0:3.2-33.el5_11.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-33.el5_11.4?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", }, product_reference: "bash-0:3.2-33.el5_11.4.src", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Client-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.src as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", }, product_reference: "bash-0:3.2-33.el5_11.4.src", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.i386", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ia64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.ppc", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.s390x", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", }, product_reference: "bash-debuginfo-0:3.2-33.el5_11.4.x86_64", relates_to_product_reference: "5Server-5.11.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", product_id: "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", product_id: "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Client-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", product_id: "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", product_id: "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", product_id: "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", product_id: "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Server-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", product_id: "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", }, product_reference: "bash-0:4.1.2-15.el6_5.2.src", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.i686", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.ppc64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.s390x", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_5.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", product_id: "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_5.2.x86_64", relates_to_product_reference: "6Workstation-optional-6.5.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Client-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Server-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", }, product_reference: "bash-0:4.2.45-5.el7_0.4.src", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.s390x", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.2.45-5.el7_0.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", }, product_reference: "bash-doc-0:4.2.45-5.el7_0.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.0.Z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T01:46:36+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1306", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T01:46:36+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1306", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T01:46:36+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1306", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Client-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Client-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.src", "5Server-5.11.Z:bash-0:3.2-33.el5_11.4.x86_64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.i386", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ia64", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.ppc", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.s390x", "5Server-5.11.Z:bash-debuginfo-0:3.2-33.el5_11.4.x86_64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Client-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Client-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6ComputeNode-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6ComputeNode-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Server-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Server-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.src", "6Workstation-optional-6.5.z:bash-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-debuginfo-0:4.1.2-15.el6_5.2.x86_64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.i686", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.ppc64", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.s390x", "6Workstation-optional-6.5.z:bash-doc-0:4.1.2-15.el6_5.2.x86_64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Client-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Client-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7ComputeNode-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7ComputeNode-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Server-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Server-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.src", "7Workstation-optional-7.0.Z:bash-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-debuginfo-0:4.2.45-5.el7_0.4.x86_64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.ppc64", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.s390x", "7Workstation-optional-7.0.Z:bash-doc-0:4.2.45-5.el7_0.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
RHSA-2014:1865
Vulnerability from csaf_redhat
Published
2014-11-17 18:11
Modified
2024-11-14 16:27
Summary
Red Hat Security Advisory: bash Shift_JIS security update
Notes
Topic
Updated bash Shift_JIS packages that fix one security issue are now
available for Red Hat Enterprise Linux 5.9 Extended Update Support.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
Shift_JIS, also known as "SJIS", is a character encoding for the Japanese
language. This package provides bash support for the Shift_JIS encoding.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All users who require Shift_JIS encoding support with Bash built-in
functions are advised to upgrade to these updated packages, which contain a
backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated bash Shift_JIS packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.9 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nShift_JIS, also known as \"SJIS\", is a character encoding for the Japanese\nlanguage. This package provides bash support for the Shift_JIS encoding.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll users who require Shift_JIS encoding support with Bash built-in\nfunctions are advised to upgrade to these updated packages, which contain a\nbackported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1865", url: "https://access.redhat.com/errata/RHSA-2014:1865", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1865.json", }, ], title: "Red Hat Security Advisory: bash Shift_JIS security update", tracking: { current_release_date: "2024-11-14T16:27:19+00:00", generator: { date: "2024-11-14T16:27:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2014:1865", initial_release_date: "2014-11-17T18:11:13+00:00", revision_history: [ { date: "2014-11-17T18:11:13+00:00", number: "1", summary: "Initial version", }, { date: "2014-11-17T18:11:14+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T16:27:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "SJIS (v. 5.9.z Server)", product: { name: "SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_sjis:5", }, }, }, ], category: "product_family", name: "RHEL S-JIS Service", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3.sjis.1?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.i386", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.i386", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3.sjis.1?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3.sjis.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.src", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.src", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.i386 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.i386", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.ia64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.src as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.src", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-11-17T18:11:13+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1865", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-11-17T18:11:13+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1865", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-11-17T18:11:13+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1865", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
rhsa-2014:1311
Vulnerability from csaf_redhat
Published
2014-09-26 17:58
Modified
2024-11-14 16:26
Summary
Red Hat Security Advisory: bash security update
Notes
Topic
[Updated September 30, 2014]
This advisory has been updated with information on restarting system
services after applying this update. No changes have been made to the
original packages.
Updated bash packages that fix one security issue are now available for Red
Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise
Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support,
Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat
Enterprise Linux 6.4 Extended Update Support.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All bash users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "[Updated September 30, 2014]\nThis advisory has been updated with information on restarting system\nservices after applying this update. No changes have been made to the\noriginal packages.\n\nUpdated bash packages that fix one security issue are now available for Red\nHat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise\nLinux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support,\nRed Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat\nEnterprise Linux 6.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll bash users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1311", url: "https://access.redhat.com/errata/RHSA-2014:1311", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1311.json", }, ], title: "Red Hat Security Advisory: bash security update", tracking: { current_release_date: "2024-11-14T16:26:16+00:00", generator: { date: "2024-11-14T16:26:16+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2014:1311", initial_release_date: "2014-09-26T17:58:08+00:00", revision_history: [ { date: "2014-09-26T17:58:08+00:00", number: "1", summary: "Initial version", }, { date: "2014-09-30T15:08:45+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T16:26:16+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:6.4::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server AUS (v. 6.2)", product: { name: "Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_mission_critical:6.2::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product: { name: "Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_mission_critical:6.2::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Long Life (v. 5.6 server)", product: { name: "Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_mission_critical:5.6", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux EUS (v. 5.9 server)", product: { name: "Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:5.9", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux AS (v. 4 ELS)", product: { name: "Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:4::as", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES (v. 4 ELS)", product: { name: "Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_els:4::es", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.src", product: { name: "bash-0:4.1.2-15.el6_4.2.src", product_id: "bash-0:4.1.2-15.el6_4.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:4.1.2-9.el6_2.2.src", product: { name: "bash-0:4.1.2-9.el6_2.2.src", product_id: "bash-0:4.1.2-9.el6_2.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-9.el6_2.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-24.el5_6.2.src", product: { name: "bash-0:3.2-24.el5_6.2.src", product_id: "bash-0:3.2-24.el5_6.2.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.src", product: { name: "bash-0:3.2-32.el5_9.3.src", product_id: "bash-0:3.2-32.el5_9.3.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=src", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.src", product: { name: "bash-0:3.0-27.el4.4.src", product_id: "bash-0:3.0-27.el4.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.s390x", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x", product_id: "bash-doc-0:4.1.2-15.el6_4.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.s390x", product: { name: "bash-0:4.1.2-15.el6_4.2.s390x", product_id: "bash-0:4.1.2-15.el6_4.2.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=s390x", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=s390x", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.s390x", product: { name: "bash-0:3.2-32.el5_9.3.s390x", product_id: "bash-0:3.2-32.el5_9.3.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=i686", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.i686", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686", product_id: "bash-doc-0:4.1.2-15.el6_4.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=i686", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.i686", product: { name: "bash-0:4.1.2-15.el6_4.2.i686", product_id: "bash-0:4.1.2-15.el6_4.2.i686", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", product_id: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.x86_64", product: { name: "bash-0:4.1.2-15.el6_4.2.x86_64", product_id: "bash-0:4.1.2-15.el6_4.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", product: { name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", product_id: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-9.el6_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", product: { name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", product_id: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-9.el6_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-9.el6_2.2.x86_64", product: { name: "bash-0:4.1.2-9.el6_2.2.x86_64", product_id: "bash-0:4.1.2-9.el6_2.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-9.el6_2.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-24.el5_6.2.x86_64", product: { name: "bash-0:3.2-24.el5_6.2.x86_64", product_id: "bash-0:3.2-24.el5_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", product: { name: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", product_id: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-24.el5_6.2?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.x86_64", product: { name: "bash-0:3.2-32.el5_9.3.x86_64", product_id: "bash-0:3.2-32.el5_9.3.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.0-27.el4.4.x86_64", product: { name: "bash-debuginfo-0:3.0-27.el4.4.x86_64", product_id: "bash-debuginfo-0:3.0-27.el4.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.0-27.el4.4?arch=x86_64", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.x86_64", product: { name: "bash-0:3.0-27.el4.4.x86_64", product_id: "bash-0:3.0-27.el4.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", product: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", product_id: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@4.1.2-15.el6_4.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", product: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", product_id: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-doc@4.1.2-15.el6_4.2?arch=ppc64", }, }, }, { category: "product_version", name: "bash-0:4.1.2-15.el6_4.2.ppc64", product: { name: "bash-0:4.1.2-15.el6_4.2.ppc64", product_id: "bash-0:4.1.2-15.el6_4.2.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@4.1.2-15.el6_4.2?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-24.el5_6.2.ia64", product: { name: "bash-0:3.2-24.el5_6.2.ia64", product_id: "bash-0:3.2-24.el5_6.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", product: { name: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", product_id: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-24.el5_6.2?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.ia64", product: { name: "bash-0:3.2-32.el5_9.3.ia64", product_id: "bash-0:3.2-32.el5_9.3.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.0-27.el4.4.ia64", product: { name: "bash-debuginfo-0:3.0-27.el4.4.ia64", product_id: "bash-debuginfo-0:3.0-27.el4.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.0-27.el4.4?arch=ia64", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.ia64", product: { name: "bash-0:3.0-27.el4.4.ia64", product_id: "bash-0:3.0-27.el4.4.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-24.el5_6.2.i386", product: { name: "bash-0:3.2-24.el5_6.2.i386", product_id: "bash-0:3.2-24.el5_6.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-24.el5_6.2?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-24.el5_6.2.i386", product: { name: "bash-debuginfo-0:3.2-24.el5_6.2.i386", product_id: "bash-debuginfo-0:3.2-24.el5_6.2.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-24.el5_6.2?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.i386", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.i386", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.i386", product: { name: "bash-0:3.2-32.el5_9.3.i386", product_id: "bash-0:3.2-32.el5_9.3.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.0-27.el4.4.i386", product: { name: "bash-debuginfo-0:3.0-27.el4.4.i386", product_id: "bash-debuginfo-0:3.0-27.el4.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.0-27.el4.4?arch=i386", }, }, }, { category: "product_version", name: "bash-0:3.0-27.el4.4.i386", product: { name: "bash-0:3.0-27.el4.4.i386", product_id: "bash-0:3.0-27.el4.4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.0-27.el4.4?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3?arch=ppc", }, }, }, { category: "product_version", name: "bash-0:3.2-32.el5_9.3.ppc", product: { name: "bash-0:3.2-32.el5_9.3.ppc", product_id: "bash-0:3.2-32.el5_9.3.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.i386", }, product_reference: "bash-0:3.0-27.el4.4.i386", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.ia64", }, product_reference: "bash-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.src as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.src", }, product_reference: "bash-0:3.0-27.el4.4.src", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.i386", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", product_id: "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4AS-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.i386", }, product_reference: "bash-0:3.0-27.el4.4.i386", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.ia64", }, product_reference: "bash-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.src as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.src", }, product_reference: "bash-0:3.0-27.el4.4.src", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.i386", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.ia64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.0-27.el4.4.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", product_id: "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", }, product_reference: "bash-debuginfo-0:3.0-27.el4.4.x86_64", relates_to_product_reference: "4ES-ELS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", }, product_reference: "bash-0:3.2-24.el5_6.2.i386", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", }, product_reference: "bash-0:3.2-24.el5_6.2.ia64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.src as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", }, product_reference: "bash-0:3.2-24.el5_6.2.src", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-24.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", }, product_reference: "bash-0:3.2-24.el5_6.2.x86_64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-24.el5_6.2.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", }, product_reference: "bash-debuginfo-0:3.2-24.el5_6.2.i386", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-24.el5_6.2.ia64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", }, product_reference: "bash-debuginfo-0:3.2-24.el5_6.2.ia64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.6 server)", product_id: "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", }, product_reference: "bash-debuginfo-0:3.2-24.el5_6.2.x86_64", relates_to_product_reference: "5Server-5.6.LL", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.i386 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", }, product_reference: "bash-0:3.2-32.el5_9.3.i386", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.ia64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", }, product_reference: "bash-0:3.2-32.el5_9.3.ia64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.ppc as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", }, product_reference: "bash-0:3.2-32.el5_9.3.ppc", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.s390x as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", }, product_reference: "bash-0:3.2-32.el5_9.3.s390x", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.src as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", }, product_reference: "bash-0:3.2-32.el5_9.3.src", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.x86_64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", }, product_reference: "bash-0:3.2-32.el5_9.3.x86_64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.i386 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.i386", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ia64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.ia64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.ppc as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.ppc", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.s390x as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.s390x", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64 as a component of Red Hat Enterprise Linux EUS (v. 5.9 server)", product_id: "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.x86_64", relates_to_product_reference: "5Server-5.9.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.4)", product_id: "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4)", product_id: "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6ComputeNode-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.src as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", }, product_reference: "bash-0:4.1.2-9.el6_2.2.src", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)", product_id: "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.4)", product_id: "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", }, product_reference: "bash-0:4.1.2-9.el6_2.2.src", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-9.el6_2.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)", product_id: "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-9.el6_2.2.x86_64", relates_to_product_reference: "6Server-optional-6.2.AUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", }, product_reference: "bash-0:4.1.2-15.el6_4.2.src", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.i686 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.i686", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.ppc64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.s390x", relates_to_product_reference: "6Server-optional-6.4.EUS", }, { category: "default_component_of", full_product_name: { name: "bash-doc-0:4.1.2-15.el6_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 6.4)", product_id: "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", }, product_reference: "bash-doc-0:4.1.2-15.el6_4.2.x86_64", relates_to_product_reference: "6Server-optional-6.4.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T17:58:08+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1311", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T17:58:08+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1311", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-09-26T17:58:08+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1311", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "4AS-ELS:bash-0:3.0-27.el4.4.i386", "4AS-ELS:bash-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-0:3.0-27.el4.4.src", "4AS-ELS:bash-0:3.0-27.el4.4.x86_64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4AS-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-0:3.0-27.el4.4.i386", "4ES-ELS:bash-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-0:3.0-27.el4.4.src", "4ES-ELS:bash-0:3.0-27.el4.4.x86_64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.i386", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.ia64", "4ES-ELS:bash-debuginfo-0:3.0-27.el4.4.x86_64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.src", "5Server-5.6.LL:bash-0:3.2-24.el5_6.2.x86_64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.i386", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.ia64", "5Server-5.6.LL:bash-debuginfo-0:3.2-24.el5_6.2.x86_64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.src", "5Server-5.9.EUS:bash-0:3.2-32.el5_9.3.x86_64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.i386", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ia64", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.ppc", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.s390x", "5Server-5.9.EUS:bash-debuginfo-0:3.2-32.el5_9.3.x86_64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6ComputeNode-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6ComputeNode-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.src", "6Server-optional-6.2.AUS:bash-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-debuginfo-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.2.AUS:bash-doc-0:4.1.2-9.el6_2.2.x86_64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.src", "6Server-optional-6.4.EUS:bash-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-debuginfo-0:4.1.2-15.el6_4.2.x86_64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.i686", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.ppc64", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.s390x", "6Server-optional-6.4.EUS:bash-doc-0:4.1.2-15.el6_4.2.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
rhsa-2014:1865
Vulnerability from csaf_redhat
Published
2014-11-17 18:11
Modified
2024-11-14 16:27
Summary
Red Hat Security Advisory: bash Shift_JIS security update
Notes
Topic
Updated bash Shift_JIS packages that fix one security issue are now
available for Red Hat Enterprise Linux 5.9 Extended Update Support.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
Shift_JIS, also known as "SJIS", is a character encoding for the Japanese
language. This package provides bash support for the Shift_JIS encoding.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All users who require Shift_JIS encoding support with Bash built-in
functions are advised to upgrade to these updated packages, which contain a
backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated bash Shift_JIS packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.9 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nShift_JIS, also known as \"SJIS\", is a character encoding for the Japanese\nlanguage. This package provides bash support for the Shift_JIS encoding.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll users who require Shift_JIS encoding support with Bash built-in\nfunctions are advised to upgrade to these updated packages, which contain a\nbackported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1865", url: "https://access.redhat.com/errata/RHSA-2014:1865", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1865.json", }, ], title: "Red Hat Security Advisory: bash Shift_JIS security update", tracking: { current_release_date: "2024-11-14T16:27:19+00:00", generator: { date: "2024-11-14T16:27:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2014:1865", initial_release_date: "2014-11-17T18:11:13+00:00", revision_history: [ { date: "2014-11-17T18:11:13+00:00", number: "1", summary: "Initial version", }, { date: "2014-11-17T18:11:14+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T16:27:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "SJIS (v. 5.9.z Server)", product: { name: "SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_sjis:5", }, }, }, ], category: "product_family", name: "RHEL S-JIS Service", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3.sjis.1?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.i386", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.i386", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3.sjis.1?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3.sjis.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.src", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.src", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.i386 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.i386", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.ia64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.src as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.src", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-11-17T18:11:13+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1865", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-11-17T18:11:13+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1865", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-11-17T18:11:13+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1865", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
rhsa-2014_1865
Vulnerability from csaf_redhat
Published
2014-11-17 18:11
Modified
2024-11-14 16:27
Summary
Red Hat Security Advisory: bash Shift_JIS security update
Notes
Topic
Updated bash Shift_JIS packages that fix one security issue are now
available for Red Hat Enterprise Linux 5.9 Extended Update Support.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
Shift_JIS, also known as "SJIS", is a character encoding for the Japanese
language. This package provides bash support for the Shift_JIS encoding.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. Note that certain services, screen sessions, and tmux sessions may
need to be restarted, and affected interactive users may need to re-login.
Installing these updated packages without restarting services will address
the vulnerability, but functionality may be impacted until affected
services are restarted. For more information see the Knowledgebase article
at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All users who require Shift_JIS encoding support with Bash built-in
functions are advised to upgrade to these updated packages, which contain a
backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated bash Shift_JIS packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.9 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", title: "Topic", }, { category: "general", text: "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nShift_JIS, also known as \"SJIS\", is a character encoding for the Japanese\nlanguage. This package provides bash support for the Shift_JIS encoding.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll users who require Shift_JIS encoding support with Bash built-in\nfunctions are advised to upgrade to these updated packages, which contain a\nbackported patch to correct this issue.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2014:1865", url: "https://access.redhat.com/errata/RHSA-2014:1865", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/1200223", url: "https://access.redhat.com/articles/1200223", }, { category: "external", summary: "1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1865.json", }, ], title: "Red Hat Security Advisory: bash Shift_JIS security update", tracking: { current_release_date: "2024-11-14T16:27:19+00:00", generator: { date: "2024-11-14T16:27:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.0", }, }, id: "RHSA-2014:1865", initial_release_date: "2014-11-17T18:11:13+00:00", revision_history: [ { date: "2014-11-17T18:11:13+00:00", number: "1", summary: "Initial version", }, { date: "2014-11-17T18:11:14+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T16:27:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "SJIS (v. 5.9.z Server)", product: { name: "SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_sjis:5", }, }, }, ], category: "product_family", name: "RHEL S-JIS Service", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=ia64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3.sjis.1?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.i386", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.i386", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=i386", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3.sjis.1?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=x86_64", }, }, }, { category: "product_version", name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", product: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", product_id: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/bash-debuginfo@3.2-32.el5_9.3.sjis.1?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "bash-0:3.2-32.el5_9.3.sjis.1.src", product: { name: "bash-0:3.2-32.el5_9.3.sjis.1.src", product_id: "bash-0:3.2-32.el5_9.3.sjis.1.src", product_identification_helper: { purl: "pkg:rpm/redhat/bash@3.2-32.el5_9.3.sjis.1?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.i386 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.i386", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.ia64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.ia64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.src as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.src", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", }, product_reference: "bash-0:3.2-32.el5_9.3.sjis.1.x86_64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, { category: "default_component_of", full_product_name: { name: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64 as a component of SJIS (v. 5.9.z Server)", product_id: "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", }, product_reference: "bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", relates_to_product_reference: "5Server-SJIS-5.9.z", }, ], }, vulnerabilities: [ { cve: "CVE-2014-7169", cwe: { id: "CWE-228", name: "Improper Handling of Syntactically Invalid Structure", }, discovery_date: "2014-09-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146319", }, ], notes: [ { category: "description", text: "It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.", title: "Vulnerability description", }, { category: "summary", text: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7169", }, { category: "external", summary: "RHBZ#1146319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146319", }, { category: "external", summary: "RHSB-shellshock", url: "https://access.redhat.com/security/vulnerabilities/shellshock", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7169", url: "https://www.cve.org/CVERecord?id=CVE-2014-7169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2014-09-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-11-17T18:11:13+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1865", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2022-01-28T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7186", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2014-09-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146791", }, ], notes: [ { category: "description", text: "It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code.", title: "Vulnerability description", }, { category: "summary", text: "bash: parser can allow out-of-bounds memory access while handling redir_stack", title: "Vulnerability summary", }, { category: "other", text: "A patch for this issue was applied to the bash packages in Red Hat Enterprise Linux via RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312. The errata do not mention the CVE in the description, as the CVE was only assigned after those updates were released.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7186", }, { category: "external", summary: "RHBZ#1146791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7186", url: "https://www.cve.org/CVERecord?id=CVE-2014-7186", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7186", }, ], release_date: "2014-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-11-17T18:11:13+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1865", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: parser can allow out-of-bounds memory access while handling redir_stack", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2014-7187", cwe: { id: "CWE-193", name: "Off-by-one Error", }, discovery_date: "2014-09-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1146804", }, ], notes: [ { category: "description", text: "An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash.", title: "Vulnerability description", }, { category: "summary", text: "bash: off-by-one error in deeply nested flow control constructs", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security does not consider this bug to have any security impact on the bash packages shipped in Red Hat Enterprise Linux. A fix for this issue was applied as a hardening in RHSA-2014:1306, RHSA-2014:1311, and RHSA-2014:1312.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2014-7187", }, { category: "external", summary: "RHBZ#1146804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1146804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2014-7187", url: "https://www.cve.org/CVERecord?id=CVE-2014-7187", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7187", }, ], release_date: "2014-09-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2014-11-17T18:11:13+00:00", details: "Before applying this update, make sure all previously released errata \nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the \nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258", product_ids: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2014:1865", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.src", "5Server-SJIS-5.9.z:bash-0:3.2-32.el5_9.3.sjis.1.x86_64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.i386", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.ia64", "5Server-SJIS-5.9.z:bash-debuginfo-0:3.2-32.el5_9.3.sjis.1.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: off-by-one error in deeply nested flow control constructs", }, ], }
CVE-2014-7169
Vulnerability from jvndb
Published
2014-10-28 14:39
Modified
2015-12-25 13:47
Summary
QNAP QTS vulnerable to OS command injection
Details
QNAP QTS is an operating system for Turbo NAS. QNAP QTS contains a flaw in the GNU Bash shell, which may result in an OS command injection vulnerability (CWE-78).
Yuuki Wakisaka of University of Electro-Communications reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| QNAP Systems | QNAP QTS |
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000126.html", "dc:date": "2015-12-25T13:47+09:00", "dcterms:issued": "2014-10-28T14:39+09:00", "dcterms:modified": "2015-12-25T13:47+09:00", description: "QNAP QTS is an operating system for Turbo NAS. QNAP QTS contains a flaw in the GNU Bash shell, which may result in an OS command injection vulnerability (CWE-78).\r\n\r\nYuuki Wakisaka of University of Electro-Communications reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.", link: "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000126.html", "sec:cpe": { "#text": "cpe:/o:qnap:qts", "@product": "QNAP QTS", "@vendor": "QNAP Systems", "@version": "2.2", }, "sec:cvss": { "@score": "10.0", "@severity": "High", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "@version": "2.0", }, "sec:identifier": "JVNDB-2014-000126", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN55667175/index.html", "@id": "JVN#55667175", "@source": "JVN", }, { "#text": "https://jvn.jp/vu/JVNVU97219505/index.html", "@id": "JVNVU#97219505", "@source": "JVN", }, { "#text": "http://jvn.jp/vu/JVNVU97220341/index.html", "@id": "JVNVU#97220341", "@source": "JVN", }, { "#text": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004399.html", "@id": "JVNDB-2014-004399", "@source": "JVN iPedia", }, { "#text": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004410.html", "@id": "JVNDB-2014-004410", "@source": "JVN iPedia", }, { "#text": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004431.html", "@id": "JVNDB-2014-004431", "@source": "JVN iPedia", }, { "#text": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004476.html", "@id": "JVNDB-2014-004476", "@source": "JVN iPedia", }, { "#text": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004432.html", "@id": "JVNDB-2014-004432", "@source": "JVN iPedia", }, { "#text": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004433.html", "@id": "JVNDB-2014-004433", "@source": "JVN iPedia", }, { "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169", "@id": "CVE-2014-7169", "@source": "CVE", }, { "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271", "@id": "CVE-2014-6271", "@source": "CVE", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277", "@id": "CVE-2014-6277", "@source": "CVE", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278", "@id": "CVE-2014-6278", "@source": "CVE", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186", "@id": "CVE-2014-7186", "@source": "CVE", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187", "@id": "CVE-2014-7187", "@source": "CVE", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169", "@id": "CVE-2014-7169", "@source": "NVD", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271", "@id": "CVE-2014-6271", "@source": "NVD", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6277", "@id": "CVE-2014-6277", "@source": "NVD", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6278", "@id": "CVE-2014-6278", "@source": "NVD", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7186", "@id": "CVE-2014-7186", "@source": "NVD", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7187", "@id": "CVE-2014-7187", "@source": "NVD", }, { "#text": "http://www.kb.cert.org/vuls/id/252743", "@id": "VU#252743", "@source": "CERT-VN", }, { "#text": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-01", "@id": "ICSA-15-344-01", "@source": "ICS-CERT ADVISORY", }, { "#text": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-269-01a", "@id": "ICSA-14-269-01A", "@source": "ICS-CERT ADVISORY", }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-78", "@title": "OS Command Injection(CWE-78)", }, ], title: "QNAP QTS vulnerable to OS command injection", }
ghsa-f7j6-xrjp-vffg
Vulnerability from github
Published
2022-05-13 01:05
Modified
2024-07-24 18:31
Severity ?
Details
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
{ affected: [], aliases: [ "CVE-2014-7169", ], database_specific: { cwe_ids: [ "CWE-78", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2014-09-25T01:55:00Z", severity: "HIGH", }, details: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", id: "GHSA-f7j6-xrjp-vffg", modified: "2024-07-24T18:31:12Z", published: "2022-05-13T01:05:13Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-7169", }, { type: "WEB", url: "https://www.suse.com/support/shellshock", }, { type: "WEB", url: "https://www.exploit-db.com/exploits/34879", }, { type: "WEB", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, { type: "WEB", url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { type: "WEB", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { type: "WEB", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { type: "WEB", url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { type: "WEB", url: "https://support.citrix.com/article/CTX200223", }, { type: "WEB", url: "https://support.citrix.com/article/CTX200217", }, { type: "WEB", url: "https://support.apple.com/kb/HT6535", }, { type: "WEB", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { type: "WEB", url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { type: "WEB", url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { type: "WEB", url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { type: "WEB", url: "https://access.redhat.com/node/1200223", }, { type: "WEB", url: "https://access.redhat.com/articles/1200223", }, { type: "WEB", url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { type: "WEB", url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { type: "WEB", url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { type: "WEB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { type: "WEB", url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { type: "WEB", url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { type: "WEB", url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { type: "WEB", url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { type: "WEB", url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { type: "WEB", url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { type: "WEB", url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { type: "WEB", url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { type: "WEB", url: "http://secunia.com/advisories/58200", }, { type: "WEB", url: "http://secunia.com/advisories/59272", }, { type: "WEB", url: "http://secunia.com/advisories/59737", }, { type: "WEB", url: "http://secunia.com/advisories/59907", }, { type: "WEB", url: "http://secunia.com/advisories/60024", }, { type: "WEB", url: "http://secunia.com/advisories/60034", }, { type: "WEB", url: "http://secunia.com/advisories/60044", }, { type: "WEB", url: "http://secunia.com/advisories/60055", }, { type: "WEB", url: "http://secunia.com/advisories/60063", }, { type: "WEB", url: "http://secunia.com/advisories/60193", }, { type: "WEB", url: "http://secunia.com/advisories/60325", }, { type: "WEB", url: "http://secunia.com/advisories/60433", }, { type: "WEB", url: "http://secunia.com/advisories/60947", }, { type: "WEB", url: "http://secunia.com/advisories/61065", }, { type: "WEB", url: "http://secunia.com/advisories/61128", }, { type: "WEB", url: "http://secunia.com/advisories/61129", }, { type: "WEB", url: "http://secunia.com/advisories/61188", }, { type: "WEB", url: "http://secunia.com/advisories/61283", }, { type: "WEB", url: "http://secunia.com/advisories/61287", }, { type: "WEB", url: "http://secunia.com/advisories/61291", }, { type: "WEB", url: "http://secunia.com/advisories/61312", }, { type: "WEB", url: "http://secunia.com/advisories/61313", }, { type: "WEB", url: "http://secunia.com/advisories/61328", }, { type: "WEB", url: "http://secunia.com/advisories/61442", }, { type: "WEB", url: "http://secunia.com/advisories/61471", }, { type: "WEB", url: "http://secunia.com/advisories/61479", }, { type: "WEB", url: "http://secunia.com/advisories/61485", }, { type: "WEB", url: "http://secunia.com/advisories/61503", }, { type: "WEB", url: "http://secunia.com/advisories/61550", }, { type: "WEB", url: "http://secunia.com/advisories/61552", }, { type: "WEB", url: "http://secunia.com/advisories/61565", }, { type: "WEB", url: "http://secunia.com/advisories/61603", }, { type: "WEB", url: "http://secunia.com/advisories/61618", }, { type: "WEB", url: "http://secunia.com/advisories/61619", }, { type: "WEB", url: "http://secunia.com/advisories/61622", }, { type: "WEB", url: "http://secunia.com/advisories/61626", }, { type: "WEB", url: "http://secunia.com/advisories/61633", }, { type: "WEB", url: "http://secunia.com/advisories/61641", }, { type: "WEB", url: "http://secunia.com/advisories/61643", }, { type: "WEB", url: "http://secunia.com/advisories/61654", }, { type: "WEB", url: "http://secunia.com/advisories/61676", }, { type: "WEB", url: "http://secunia.com/advisories/61700", }, { type: "WEB", url: "http://secunia.com/advisories/61703", }, { type: "WEB", url: "http://secunia.com/advisories/61711", }, { type: "WEB", url: "http://secunia.com/advisories/61715", }, { type: "WEB", url: "http://secunia.com/advisories/61780", }, { type: "WEB", url: "http://secunia.com/advisories/61816", }, { type: "WEB", url: "http://secunia.com/advisories/61855", }, { type: "WEB", url: "http://secunia.com/advisories/61857", }, { type: "WEB", url: "http://secunia.com/advisories/61873", }, { type: "WEB", url: "http://secunia.com/advisories/62228", }, { type: "WEB", url: "http://secunia.com/advisories/62312", }, { type: "WEB", url: "http://secunia.com/advisories/62343", }, { type: "WEB", url: "http://support.apple.com/kb/HT6495", }, { type: "WEB", url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { type: "WEB", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { type: "WEB", url: "http://twitter.com/taviso/statuses/514887394294652929", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { type: "WEB", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { type: "WEB", url: "http://www.debian.org/security/2014/dsa-3035", }, { type: "WEB", url: "http://www.kb.cert.org/vuls/id/252743", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { type: "WEB", url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { type: "WEB", url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { type: "WEB", url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { type: "WEB", url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { type: "WEB", url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { type: "WEB", url: "http://www.ubuntu.com/usn/USN-2363-1", }, { type: "WEB", url: "http://www.ubuntu.com/usn/USN-2363-2", }, { type: "WEB", url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { type: "WEB", url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], }
fkie_cve-2014-7169
Vulnerability from fkie_nvd
Published
2014-09-25 01:55
Modified
2025-02-10 20:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
Impacted products
{ cisaActionDue: "2022-07-28", cisaExploitAdd: "2022-01-28", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*", matchCriteriaId: "F4DBE402-1B0A-4854-ABE5-891321454C25", versionEndIncluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7", versionEndExcluding: "4.9.12", versionStartIncluding: "4.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0", versionEndExcluding: "4.10.9", versionStartIncluding: "4.10.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "9056776F-03F6-4C3D-8635-37D66FD16EAA", versionEndExcluding: "4.11.11", versionStartIncluding: "4.11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6", versionEndExcluding: "4.12.9", versionStartIncluding: "4.12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "8296875A-64FA-4592-848A-A923126BD8AF", versionEndExcluding: "4.13.9", versionStartIncluding: "4.13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "816A16AF-1F5E-483A-AA89-3022818FAE43", versionEndExcluding: "4.14.4f", versionStartIncluding: "4.14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*", matchCriteriaId: "F8421899-5D10-4C2B-88AA-3DA909FE3E67", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*", matchCriteriaId: "62A2AC02-A933-4E51-810E-5D040B476B7B", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", matchCriteriaId: "D7B037A8-72A6-4DFF-94B2-D688A5F6F876", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*", matchCriteriaId: "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649", versionEndExcluding: "4.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*", matchCriteriaId: "F407EA72-BA1A-41A2-B699-874304A638A5", vulnerable: true, }, { criteria: "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*", matchCriteriaId: "DDA25903-B334-438B-8196-B9E5119199D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*", matchCriteriaId: "76F1E356-E019-47E8-AA5F-702DA93CF74E", vulnerable: true, }, { criteria: "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F805A106-9A6F-48E7-8582-D3C5A26DFC11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*", matchCriteriaId: "EC489F35-07F1-4C3E-80B9-78F0689BC54B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*", matchCriteriaId: "95CE35FC-266F-4025-A0B8-FB853C020800", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6172AF57-B26D-45F8-BE3A-F75ABDF28F49", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", matchCriteriaId: "6252E88C-27FF-420D-A64A-C34124CF7E6A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "8A8E07B7-3739-4BEB-88F8-C7F62431E889", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "807C024A-F8E8-4B48-A349-4C68CD252CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*", matchCriteriaId: "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*", matchCriteriaId: "804DFF9F-BAA8-4239-835B-6182471A224F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*", matchCriteriaId: "9EE496C0-35F7-44DC-B3F0-71EA3A613C38", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*", matchCriteriaId: "71179893-49F2-433C-A7AC-687075F9CC1B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*", matchCriteriaId: "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*", matchCriteriaId: "37ECC029-3D84-4DD7-B28B-E5AD5559CF94", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*", matchCriteriaId: "F4CBED2A-B6B0-420E-BC40-160930D8662E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*", matchCriteriaId: "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*", matchCriteriaId: "29BBF1AC-F31F-4251-8054-0D89A8E6E990", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*", matchCriteriaId: "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "6D8D654F-2442-4EA0-AF89-6AC2CD214772", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "D8ED0658-5F8F-48F0-A605-A2205DA27DA5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8BCF87FD-9358-42A5-9917-25DF0180A5A6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "C385DA76-4863-4D39-84D2-9D185D322365", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "188019BF-3700-4B3F-BFA5-553B2B545B7F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "9B8B2E32-B838-4E51-BAA2-764089D2A684", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "4319B943-7B19-468D-A160-5895F7F997A3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*", matchCriteriaId: "634C23AC-AC9C-43F4-BED8-1C720816D5E3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*", matchCriteriaId: "37CE1DC7-72C5-483C-8921-0B462C8284D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*", matchCriteriaId: "BB6ADFB8-210D-4E46-82A2-1C8705928382", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", matchCriteriaId: "92C9F1C4-55B0-426D-BB5E-01372C23AF97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", matchCriteriaId: "AD6D0378-F0F4-4AAA-80AF-8287C790EC96", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "AF83BB87-B203-48F9-9D06-48A5FE399050", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*", matchCriteriaId: "8821E5FE-319D-40AB-A515-D56C1893E6F8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*", matchCriteriaId: "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*", matchCriteriaId: "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*", matchCriteriaId: "74BCA435-7594-49E8-9BAE-9E02E129B6C0", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "3ED68ADD-BBDA-4485-BC76-58F011D72311", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", matchCriteriaId: "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*", matchCriteriaId: "CED02712-1031-4206-AC4D-E68710F46EC9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*", matchCriteriaId: "35BBD83D-BDC7-4678-BE94-639F59281139", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*", matchCriteriaId: "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "E534C201-BCC5-473C-AAA7-AAB97CEB5437", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "2470C6E8-2024-4CF5-9982-CFF50E88EAE9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", matchCriteriaId: "2F7F8866-DEAD-44D1-AB10-21EE611AA026", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", matchCriteriaId: "1831D45A-EE6E-4220-8F8C-248B69520948", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*", matchCriteriaId: "94C9C346-6DEC-4C72-9F59-BB3BEC42B551", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*", matchCriteriaId: "2071DABB-7102-47F2-A15F-A6C03607D01F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*", matchCriteriaId: "A8661E86-E075-427F-8E05-7A33811A3A76", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*", matchCriteriaId: "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E", versionEndIncluding: "1.0.0.4", versionStartIncluding: "1.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*", matchCriteriaId: "054736AF-96E0-491D-B824-CC4A35B76E14", versionEndIncluding: "1.1.0.4", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "575894EE-F13C-4D56-8B63-59A379F63BD2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0E476AEB-AD38-4033-8426-DC502497D75A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*", matchCriteriaId: "20981443-6A64-4852-B2CB-3299927C6F78", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*", matchCriteriaId: "59761BB8-FCC7-4D15-88A8-82076CCF196F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*", matchCriteriaId: "CF399B2E-8413-4B80-A0C0-E61E8A0A8604", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*", matchCriteriaId: "230EBA53-66AF-432B-B4C1-08D8FC903B2B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*", matchCriteriaId: "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*", matchCriteriaId: "EF102659-B067-473E-AA37-EA90A82D1864", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*", matchCriteriaId: "81DF915D-D764-4C21-B213-0ADFD844E9DB", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*", matchCriteriaId: "C29A4119-A992-4713-85D6-4FDED7CD416A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*", matchCriteriaId: "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*", matchCriteriaId: "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*", matchCriteriaId: "F03006B7-037B-491F-A09F-DEB2FF076754", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*", matchCriteriaId: "FE78AED4-AD60-406C-82E0-BA52701B49BA", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*", matchCriteriaId: "3D0B71F0-CCED-4E23-989A-3E9E2D71307C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*", matchCriteriaId: "5CF8FC22-C556-451C-B928-F5AF8DF4BF45", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*", matchCriteriaId: "081D3B14-45F6-4F96-944B-94D967FEFA26", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*", matchCriteriaId: "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*", matchCriteriaId: "D922DC5A-63F6-4188-BCDE-BB987402E47E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*", matchCriteriaId: "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*", matchCriteriaId: "C2BCC22C-A32B-4945-AFBC-777DBE248FB8", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*", matchCriteriaId: "92F92890-63B0-4918-A147-8852B6E2FA8A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*", matchCriteriaId: "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*", matchCriteriaId: "ED0B143A-5386-4375-AEB2-48619B2B1EF3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*", matchCriteriaId: "E7ECA734-9E95-484F-B880-2491A0E2531B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*", matchCriteriaId: "5D7CD9E9-033C-44B8-A68C-47AC260873E1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*", matchCriteriaId: "07B660DC-A94F-48F0-A2F4-1C39CC4751A5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*", matchCriteriaId: "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*", matchCriteriaId: "329C8551-98D1-4255-B598-9E75A071C186", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*", matchCriteriaId: "FD0687B7-F374-4368-AD9E-041123B23A6C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*", matchCriteriaId: "D0330E77-454E-4E77-9628-50681B748491", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*", matchCriteriaId: "3863726E-15AD-4A47-85CB-0C9965E76EF1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*", matchCriteriaId: "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*", matchCriteriaId: "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*", matchCriteriaId: "D1F35447-889F-4CE9-9473-87046B4707EC", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*", matchCriteriaId: "A3A5DFC0-BBD7-430C-A026-E1F34E08894D", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*", matchCriteriaId: "141E8F6A-3998-4F22-A717-3F52BC998F97", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*", matchCriteriaId: "F09AA197-BB55-4CF0-AC29-4449C07DE510", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*", matchCriteriaId: "3E468E33-B183-4830-97E2-EAF9FD3758E9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*", matchCriteriaId: "738C8F2B-3D3E-4E1F-977A-05D3A39F115D", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*", matchCriteriaId: "1ED03E83-909B-423F-81F2-34AB7F24BBE1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*", matchCriteriaId: "9778E8AA-A034-4B04-A42E-6A182378C7DE", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*", matchCriteriaId: "AEE15598-4064-4E31-86BA-7851AA4B76C4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*", matchCriteriaId: "59FE3789-FB47-4939-B9AA-86D203445526", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*", matchCriteriaId: "2F96389A-82B9-42DE-8E93-D2B2EE610F7A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*", matchCriteriaId: "3131CDA5-1C4D-489C-8788-FA396F8ADB2C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*", matchCriteriaId: "DCC7DF3E-658C-41D7-A4AC-433440A02092", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*", matchCriteriaId: "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*", matchCriteriaId: "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*", matchCriteriaId: "D6870C1E-E4A4-4666-89DB-D72C8100D27E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*", matchCriteriaId: "BE183CA0-FFBB-4746-8BBE-5D1910DD2100", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*", matchCriteriaId: "D04B5EBF-C94C-4A44-9A7E-75623CAF832C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*", matchCriteriaId: "5723FDF4-198B-488E-B075-F528EC6E4D18", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*", matchCriteriaId: "7E23A972-5BCA-4C7E-B6F9-AD54992861A2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*", matchCriteriaId: "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*", matchCriteriaId: "BFE4D0FF-6445-4E14-9536-ADB32662B346", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*", matchCriteriaId: "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*", matchCriteriaId: "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*", matchCriteriaId: "9AC763FD-C143-4CA3-9A24-D50C9ED243D5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*", matchCriteriaId: "299C6CBE-905F-4E59-AF2F-89A1CD767916", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*", matchCriteriaId: "78538461-1B7E-4712-AA8D-D2EA3477635B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*", matchCriteriaId: "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*", matchCriteriaId: "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*", matchCriteriaId: "5725106C-A650-4C24-9636-1200BD44CCA4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*", matchCriteriaId: "F1501425-96F7-487B-9588-FDA2DAC3790A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*", matchCriteriaId: "48D95998-9434-4AFF-9983-0D7AC34176A3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*", matchCriteriaId: "D60BB309-860D-4D74-B08F-F94AFE84C881", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*", matchCriteriaId: "F63E864E-6323-41B4-956F-51F9364DFAE2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*", matchCriteriaId: "EC724282-7431-465E-8E60-4037121B8838", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*", matchCriteriaId: "73151221-C102-4425-9316-1EE4CAAB6531", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*", matchCriteriaId: "D1E9DDCD-6D22-4175-94EF-D8A5457E7355", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*", matchCriteriaId: "35AB906F-43CD-4D54-8274-1FD551532E58", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*", matchCriteriaId: "1ADC75F0-B27E-4B15-B829-482FBA0063A5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*", matchCriteriaId: "D015D670-8AEA-49A3-8D22-9E3009322EB0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*", matchCriteriaId: "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*", matchCriteriaId: "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*", matchCriteriaId: "28CE650B-BE03-4EDF-BE27-2FA6657F7A52", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*", matchCriteriaId: "2356A4E6-561B-40CA-8348-B30D581B1E46", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*", matchCriteriaId: "74509F3F-840E-48B8-88B1-EA4FFB90ACC3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*", matchCriteriaId: "BE7BD528-628F-4CA9-9FE8-8A79BDC97680", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*", matchCriteriaId: "26118C2B-78CC-4038-9DEA-7A9417029790", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*", matchCriteriaId: "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*", matchCriteriaId: "4F445D93-D482-4A74-810D-66D78CBCAFED", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*", matchCriteriaId: "2C9F200C-ECC9-4D51-AFE7-E99C16D09148", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*", matchCriteriaId: "56B87CB5-0F77-4040-BB58-9DBF5723A4FD", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*", matchCriteriaId: "F4B3321B-11AD-43EB-867C-FA4FA6A5421E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*", matchCriteriaId: "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "4975223D-9E31-4CEC-A4B6-C0996828B855", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "C15C820B-4778-4B8F-8BD8-E996F1D4062D", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A42E70EE-2E23-4D92-ADE0-9177B9EDD430", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*", matchCriteriaId: "01C91446-4A36-4FCE-A973-3E6F813FABC9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*", matchCriteriaId: "58281E62-E350-4B0D-9322-8BA1E1773CB2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*", matchCriteriaId: "BF1A152E-5795-4319-BD4D-855DE19C744C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*", matchCriteriaId: "438FCE7F-035A-4D89-96FE-EE5278C85493", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*", matchCriteriaId: "80900F2C-7CFA-4C40-A6B5-51E12C3DA187", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*", matchCriteriaId: "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*", matchCriteriaId: "33F900E6-AE47-4789-A337-70C6BEF22895", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*", matchCriteriaId: "AD2E5054-2151-414D-A88F-6697FF280D41", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*", matchCriteriaId: "3EB09361-372E-4F51-B255-C7D2DB41969F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*", matchCriteriaId: "A36D6991-3728-4F60-A443-37652DFAA053", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*", matchCriteriaId: "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*", matchCriteriaId: "63C0F7CA-5F3C-41D4-AAD6-084643115D85", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*", matchCriteriaId: "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*", matchCriteriaId: "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*", matchCriteriaId: "45CD14D8-665A-46C5-8387-33FF266822A7", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*", matchCriteriaId: "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*", matchCriteriaId: "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*", matchCriteriaId: "6A846C69-CA94-4F5E-9E02-69EA6680549E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*", matchCriteriaId: "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*", matchCriteriaId: "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*", matchCriteriaId: "7AAEE176-631A-41B9-BC40-93F866DA9D5E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*", matchCriteriaId: "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*", matchCriteriaId: "9388D932-9818-4A68-9543-B0643166DB2A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*", matchCriteriaId: "770A9287-C910-4690-9402-0C0B7BAC8912", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*", matchCriteriaId: "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*", matchCriteriaId: "B503F1F7-F439-420D-B465-9A51CCECAB06", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*", matchCriteriaId: "27948B08-C452-41FB-B41F-6ADB3AAE087E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*", matchCriteriaId: "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*", matchCriteriaId: "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "4D7F2743-71BB-4011-B919-7E8032B6B72F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*", matchCriteriaId: "3738FAC6-B90B-4014-9E86-17ED6D19D23D", versionEndExcluding: "1.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*", matchCriteriaId: "35B6634E-4F09-423C-87E7-59D4127CC023", versionEndExcluding: "1.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*", matchCriteriaId: "0A7A7100-A1DA-4191-A4C1-D930829A3DC2", versionEndExcluding: "1.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*", matchCriteriaId: "83739ED7-37F1-4712-8C81-E56F58790240", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*", matchCriteriaId: "1CDD227E-1F98-4F73-BB65-3820F39127F0", versionEndIncluding: "3.1.0.7", versionStartIncluding: "3.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*", matchCriteriaId: "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*", matchCriteriaId: "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "250AF7A4-8DDF-427C-8BF7-788667908D77", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*", matchCriteriaId: "22433CE0-9772-48CE-8069-612FF3732C21", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*", matchCriteriaId: "2569AA28-5C61-4BBD-A501-E1ACFA36837B", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*", matchCriteriaId: "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*", matchCriteriaId: "3AB188A2-D7CE-4141-A55A-C074C84E366E", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*", matchCriteriaId: "FE4E5283-0FEE-4F37-9C41-FA695063FF79", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*", matchCriteriaId: "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*", matchCriteriaId: "73EB6121-62CD-49FC-A1D2-5467B007253C", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*", matchCriteriaId: "97E19969-DD73-42F2-9E91-504E1663B268", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*", matchCriteriaId: "F9CC2E05-5179-4241-A710-E582510EEB0D", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3CB18F38-AC6A-406A-A4DD-40688B803744", versionEndExcluding: "1.4.3.5", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB", versionEndExcluding: "1.5.0.4", versionStartIncluding: "1.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*", matchCriteriaId: "AA2ED020-4C7B-4303-ABE6-74D46D127556", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9C4EF774-BD92-444D-9583-25DB97CDA4F3", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FB9850A-3308-4277-A68C-AD418612101E", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C84D7A48-6745-49D3-AE52-31DD7EEC0D61", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*", matchCriteriaId: "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A1A3A3E-5636-4422-9B7B-B3D97989E674", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7384B993-049F-48D7-86D6-FE221C783245", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1DF6129-9CEA-4812-800F-A6FD5095D60E", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*", matchCriteriaId: "7352FACE-C8D0-49A7-A2D7-B755599F0FB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79788A89-4152-4B4B-BFF0-518D90EE4D2B", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "680738C5-63D5-4F60-9610-FD0D87FCBBCA", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "872E2102-6BE6-42B6-93B0-942B7DABCBDA", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*", matchCriteriaId: "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E31991-DF33-4F00-8430-7B626E8174CE", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2E25BB0-6F5A-4A7B-9147-D4E17014C747", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B80C1675-4948-45DC-B593-EDB1354E42F3", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "D5D84487-CEBA-48A0-9B15-A0300D992E3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D", versionEndExcluding: "3.8.0.07", versionStartIncluding: "3.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDEC166F-A967-4616-B9EF-503054EFD197", versionEndExcluding: "3.9.1.08", versionStartIncluding: "3.9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "713E71BC-16F5-41E3-9816-74D5E8D8C9A9", versionEndExcluding: "4.1.2.06", versionStartIncluding: "4.1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*", matchCriteriaId: "4D2487E0-046C-476F-BFF4-EF77D9E856D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0287F3CD-2151-491D-8BC3-6D3921BE8FFA", versionEndExcluding: "3.8.0.07", versionStartIncluding: "3.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C4179899-87B4-42C3-8245-9A34EC04F6A1", versionEndExcluding: "3.9.1.08", versionStartIncluding: "3.9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8CED766-9742-4037-8005-F0BDDE9176DD", versionEndExcluding: "4.1.2.06", versionStartIncluding: "4.1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*", matchCriteriaId: "C41EEAEC-08AE-4478-8977-5A4D7B48C175", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "298C961D-5E5F-4277-B192-A4C29243BECC", versionEndExcluding: "3.8.0.07", versionStartIncluding: "3.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A", versionEndExcluding: "3.9.1.08", versionStartIncluding: "3.9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0663FBC-01C0-4AD8-A0B8-6097E537D352", versionEndExcluding: "4.1.2.06", versionStartIncluding: "4.1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*", matchCriteriaId: "CE145DE3-3C9B-4949-B6D4-9B259372CCE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", matchCriteriaId: "01EDA41C-6B2E-49AF-B503-EB3882265C11", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*", matchCriteriaId: "0ABC25E5-76CD-469B-879A-B1F7109D0181", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*", matchCriteriaId: "98942F6C-330F-459A-B2B4-72572DB4070E", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*", matchCriteriaId: "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*", matchCriteriaId: "8C0BAB94-6521-4B57-9E56-A57BA5E20C24", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*", matchCriteriaId: "3A7788E5-93B9-4149-8823-2ACBA5CF17E0", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*", matchCriteriaId: "B41B4ECD-6F30-46F5-A559-1CEFC7964873", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*", matchCriteriaId: "D42ADCD9-1455-401C-B94F-D367A78A2B97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "2853A787-E5F1-4455-9482-7C538B80556C", versionEndExcluding: "r77.30", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "79618AB4-7A8E-4488-8608-57EC2F8681FE", versionEndIncluding: "10.2.4", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8E910D60-1145-4229-9890-80D2D67C3845", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "48BBEF73-E87D-467F-85EB-47BE212DF0E8", versionEndIncluding: "11.5.1", versionStartIncluding: "11.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B276E4DF-69FC-4158-B93A-781A45605034", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "EE23220D-E364-41B7-A440-43B3AA4A716A", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C483253F-841E-4D4E-9B4A-932E9D07268B", versionEndIncluding: "11.5.1", versionStartIncluding: "11.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5B40837-EC2B-41FB-ACC3-806054EAF28C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "667D3780-3949-41AC-83DE-5BCB8B36C382", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "475F0EF8-42CB-4099-9C4A-390F946C4924", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "A8347412-DC42-4B86-BF6E-A44A5E1541ED", versionEndIncluding: "10.2.4", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C8942D9D-8E3A-4876-8E93-ED8D201FF546", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "06BA93C0-A7AE-4A8E-BD74-08149A204463", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D7D7863D-B064-4D7A-A66B-C3D3523425FD", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5CDEC701-DAB3-4D92-AA67-B886E6693E46", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C6D61BF2-69D8-4AD2-85CD-D87F640A6888", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167", versionEndIncluding: "11.5.1", versionStartIncluding: "11.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*", matchCriteriaId: "2C0B4C01-C71E-4E35-B63A-68395984E033", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*", matchCriteriaId: "9828CBA5-BB72-46E2-987D-633A5B3E2AFF", versionEndIncluding: "11.4.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "68BC025A-D45E-45FB-A4E4-1C89320B5BBE", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "7C75978B-566B-4353-8716-099CB8790EE0", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*", matchCriteriaId: "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74", versionEndIncluding: "4.4.0", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*", matchCriteriaId: "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2", versionEndIncluding: "4.4.0", versionStartIncluding: "4.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*", matchCriteriaId: "3AEB1FC5-1179-4DE9-99A2-D650167A7A60", versionEndIncluding: "4.4.0", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0ADD1B04-9F78-40B3-8314-6935277073B0", versionEndIncluding: "2.3.0", versionStartIncluding: "2.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "482E630B-93A1-4B9B-8273-821C116ADC4F", versionEndIncluding: "3.1.1", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "1343FBDC-4BF0-403B-B257-96672F092263", versionEndIncluding: "4.0.5", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*", matchCriteriaId: "7C138527-73D3-4AEE-BFAB-1D240A585A0F", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*", matchCriteriaId: "8F2EB3D6-EF4C-4241-A31E-3990664004A7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*", matchCriteriaId: "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "1D1168D2-93D5-4415-A666-B4BE0B2AC201", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48A2FBA9-207F-4F16-932D-BF0BA3440503", versionEndIncluding: "6.4.0", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*", matchCriteriaId: "4C6AC80F-9D91-468D-BEE3-6A0759723673", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680", versionEndExcluding: "9.3.67.5r1", vulnerable: true, }, { criteria: "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "665EF643-3CDC-4518-9693-0D49F0870283", versionEndExcluding: "10.1.129.11r1", versionStartIncluding: "10", vulnerable: true, }, { criteria: "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BAE3CC45-49E5-40DE-B5C3-52A754A9C599", versionEndExcluding: "10.5.52.11r1", versionStartIncluding: "10.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*", matchCriteriaId: "8968E39A-1E16-4B7F-A16A-190EBC20D04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "864B5480-704F-4636-A938-7D95AD4223AD", versionEndExcluding: "10.10.0", versionStartIncluding: "10.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*", matchCriteriaId: "35D34345-0AD1-499C-9A74-982B2D3F305A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*", matchCriteriaId: "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*", matchCriteriaId: "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*", matchCriteriaId: "FECF06B5-3915-48F0-A140-41C7A27EE99D", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*", matchCriteriaId: "BBD8B161-0A07-492F-89E4-7A0BD02F6464", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*", matchCriteriaId: "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*", matchCriteriaId: "29DF8DD7-B5CC-4152-A726-1D48459068D0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*", matchCriteriaId: "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BC337BB7-9A45-4406-A783-851F279130EE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*", matchCriteriaId: "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", }, { lang: "es", value: "GNU Bash hasta 4.3 bash43-025 procesa cadenas finales después de la definición malformada de funciones en los valores de variables de entorno, lo que permite a atacantes remotos escribir hacia ficheros o posiblemente tener otro impacto desconocido a través de un entorno manipulado, tal y como se ha demostrado por vectores que involucran la característica ForceCommand en sshd OpenSSH, los módulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en la cual establecer el entorno ocurre a través de un límite privilegiado de la ejecución de Bash. Nota: Esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-6271.", }, ], id: "CVE-2014-7169", lastModified: "2025-02-10T20:15:37.017", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2014-09-25T01:55:04.367", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/58200", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59272", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59737", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59907", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60024", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60034", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60044", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60055", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60063", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60193", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60325", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60433", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60947", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61065", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61128", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61129", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61283", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61287", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61291", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61312", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61313", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61328", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61442", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61471", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61479", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61485", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61503", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61550", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61552", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61565", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61603", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61618", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61619", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61622", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61626", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61633", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61641", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61643", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61654", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61676", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61700", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61703", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61711", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61715", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61780", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61816", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61855", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61857", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61873", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62228", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62312", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62343", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://support.apple.com/kb/HT6495", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://twitter.com/taviso/statuses/514887394294652929", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3035", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2363-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2363-2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/articles/1200223", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/node/1200223", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT6535", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX200217", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "https://support.citrix.com/article/CTX200223", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/34879/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.suse.com/support/shellshock/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/58200", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59737", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59907", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60034", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60063", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60193", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60325", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60433", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60947", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61065", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61128", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61129", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61283", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61287", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61291", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61313", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61328", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61442", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61471", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61485", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61503", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61550", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61552", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61565", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61603", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61618", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61619", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61626", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61633", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61641", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61643", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61654", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61676", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61700", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61703", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61780", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61816", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61857", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61873", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62343", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.apple.com/kb/HT6495", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://twitter.com/taviso/statuses/514887394294652929", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3035", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2363-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2363-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/articles/1200223", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/node/1200223", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT6535", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX200217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://support.citrix.com/article/CTX200223", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/34879/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.suse.com/support/shellshock/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Undergoing Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
var-201409-1155
Vulnerability from variot
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271. GNU Bash 4.3 and earlier contains a command injection vulnerability that may allow remote code execution. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Additionally two out-of-bounds array accesses in the bash parser are fixed which were revealed in Red Hat's internal analysis for these issues and also independently reported by Todd Sabin.
For the stable distribution (wheezy), these problems have been fixed in version 4.2+dfsg-0.1+deb7u3.
This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script.
HP Product Firmware Version
HP StoreEver ESL G3 Tape Libraries with MCB version 2 680H_GS40701
HP StoreEver ESL G3 Tape Libraries with MCB version 1 656H_GS10801
The firmware is customer installable and is available in the Drivers, Software & Firmware section at the following location:
http://www.hp.com/support/eslg3
Notes:
- Updating the library firmware requires a reboot of the library.
- If the library firmware cannot be updated, HP recommends following the
Mitigation Instructions below.
Mitigation Instructions
HP recommends the following mitigation steps to reduce the risk of this vulnerability for HP StoreEver ESL G3 Tape Library.
- Disable DHCP and only use static IP addressing. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: bash Shift_JIS security update Advisory ID: RHSA-2014:1865-01 Product: RHEL S-JIS Service Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1865.html Issue date: 2014-11-17 CVE Names: CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 =====================================================================
- Summary:
Updated bash Shift_JIS packages that fix one security issue are now available for Red Hat Enterprise Linux 5.9 Extended Update Support.
Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
SJIS (v. 5.9.z Server) - i386, ia64, x86_64
- Description:
The GNU Bourne Again shell (Bash) is a shell and command language interpreter compatible with the Bourne shell (sh). Bash is the default shell for Red Hat Enterprise Linux.
Shift_JIS, also known as "SJIS", is a character encoding for the Japanese language. This package provides bash support for the Shift_JIS encoding.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables need to be made aware of changes to the way names are handled by this update. Note that certain services, screen sessions, and tmux sessions may need to be restarted, and affected interactive users may need to re-login. Installing these updated packages without restarting services will address the vulnerability, but functionality may be impacted until affected services are restarted. For more information see the Knowledgebase article at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers, and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the aforementioned Knowledgebase article.
All users who require Shift_JIS encoding support with Bash built-in functions are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Package List:
SJIS (v. 5.9.z Server):
Source: bash-3.2-32.el5_9.3.sjis.1.src.rpm
i386: bash-3.2-32.el5_9.3.sjis.1.i386.rpm bash-debuginfo-3.2-32.el5_9.3.sjis.1.i386.rpm
ia64: bash-3.2-32.el5_9.3.sjis.1.i386.rpm bash-3.2-32.el5_9.3.sjis.1.ia64.rpm bash-debuginfo-3.2-32.el5_9.3.sjis.1.i386.rpm bash-debuginfo-3.2-32.el5_9.3.sjis.1.ia64.rpm
x86_64: bash-3.2-32.el5_9.3.sjis.1.x86_64.rpm bash-debuginfo-3.2-32.el5_9.3.sjis.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-7169 https://access.redhat.com/security/cve/CVE-2014-7186 https://access.redhat.com/security/cve/CVE-2014-7187 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/1200223
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUajscXlSAg2UNWIIRAlnnAJ46tmMAMI0D6YRHybY5HJ7Mv77fIwCguKAJ ZiE90Rp/vQArh9+LpxnTqGI= =iltu -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Please refer to the RESOLUTION section below for a list of impacted products.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7186 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7187 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION HP has made the following updates available to resolve the vulnerability in HP StoreOnce Gen 2 Backup systems. The shell is not accessible via the standard calibration or remote management interfaces.
NOTE: Only the Z27x model is vulnerable. The unit provides Calibration Software running on embedded Linux, which includes a Bash Shell. The software is used for service purposes only.
This bulletin will be revised when the firmware update is released.
Release Date: 2014-10-03 Last Updated: 2014-10-03
Potential Security Impact: Injection of code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP Thin Clients running bash.
References:
CVE-2014-6271 CVE-2014-7169 SSRT101728
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Note: all versions of HP Thin Pro and HP Smart Zero Core operating systems prior to version 5.1.0 are affected by this vulnerability. Following is a complete list of affected operating systems.
HP ThinPro
HP ThinPro 5.0 (released June 2014) HP ThinPro 4.4 (released November 2013) HP ThinPro 4.3 (released June 2013) HP ThinPro 4.2 (released November 2012) HP ThinPro 4.1 (released March 2012) HP ThinPro 3.2 (released November 2010) HP ThinPro 3.1 (released June 2010) HP ThinPro 3.0 (released November 2009) HP ThinPro 2.0 (released 2009) HP ThinPro 1.5 (released 2009) HP ThinPro 1.0 (released 2008)
HP Smart Zero Core
HP Smart Zero Core 5.0 (released June 2014) HP Smart Zero Core 4.4 (released November 2013) HP Smart Zero Core 4.3 (released June 2013) HP Smart Zero Core 4.2 (released November 2012) HP Smart Zero Core 4.1 (released March 2012) HP Smart Zero Core 4.0 (released March 2011)
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10 CVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has released the following software updates to resolve the vulnerability.
Product Affected Product Versions Patch Status
HP ThinPro and HP Smart Zero Core (X86) v5.1.0 and above No update required; the Bash shell patch is incorporated into the base image. If you participated in the ThinPro 5.1.0 beta program upgrade to the release version as soon as it becomes available.
HP ThinPro and HP Smart Zero Core (x86) v5.0.x A component update is currently available through Easy Update as: SecurityUpdate-CVE20146271-CVE20147169-all-5.0-x86.xar . The update can be also downloaded directly from ftp://ftp.hp.com/pub/tcdebian /updates/5.0/service_packs/SecurityUpdate-CVE20146271-CVE20147169-all-5.0-x86 .xar Or via softpaq delivery at: ftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe
HP ThinPro and HP Smart Zero Core (x86) v4.4.x A component update is currently available through Easy Update as: SecurityUpdate-CVE20146271-CVE20147169-all-4.4-x86.xar . Or can be downloaded directly from ftp://ftp.hp.com/pub/tcdebian/updates/4.4/ service_packs/SecurityUpdate-CVE20146271-CVE20147169-all-4.4-x86.xar Or via softpaq delivery at: ftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe
HP ThinPro and HP Smart Zero Core (ARM) v4.4.x A component update is currently available through Easy Update as: SecurityUpdate-CVE20146271-CVE20147169-all-4.4-arm.xar . Or can be downloaded directly from ftp://ftp.hp.com/pub/tcdebian/updates/4.4/ service_packs/SecurityUpdate-CVE20146271-CVE20147169-all-4.4-arm.xar Or via softpaq delivery at: ftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe
HP ThinPro and HP Smart Zero Core v4.3x and earlier An update will be made available for customers upon request
HISTORY Version:1 (rev.1) - 03 October 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201409-1155", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "linux", scope: "eq", trust: 1.3, vendor: "oracle", version: "5", }, { model: "netscaler sdx", scope: "gte", trust: 1, vendor: "citrix", version: "10.5", }, { model: "enterprise linux for power big endian eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.3_ppc64", }, { model: "traffix signaling delivery controller", scope: "lte", trust: 1, vendor: "f5", version: "4.0.5", }, { model: "enterprise linux server from rhui", scope: "eq", trust: 1, vendor: "redhat", version: "6.0", }, { model: "zenworks configuration management", scope: "eq", trust: 1, vendor: "novell", version: "11.1", }, { model: "traffix signaling delivery controller", scope: "eq", trust: 1, vendor: "f5", version: "3.3.2", }, { model: "opensuse", scope: "eq", trust: 1, vendor: "opensuse", version: "13.1", }, { model: "big-ip local traffic manager", scope: "lte", trust: 1, vendor: "f5", version: "11.5.1", }, { model: "infosphere guardium database activity monitoring", scope: "eq", trust: 1, vendor: "ibm", version: "9.0", }, { model: "enterprise linux for power big endian eus", scope: "eq", trust: 1, vendor: "redhat", version: "6.5_ppc64", }, { model: "big-ip access policy manager", scope: "gte", trust: 1, vendor: "f5", version: "11.0.0", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.11.0", }, { model: "enterprise linux server", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "big-ip application acceleration manager", scope: "eq", trust: 1, vendor: "f5", version: "11.6.0", }, { model: "stn7800", scope: "gte", trust: 1, vendor: "ibm", version: "4.1.2.0", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "5.9", }, { model: "big-ip policy enforcement manager", scope: "gte", trust: 1, vendor: "f5", version: "11.3.0", }, { model: "enterprise linux", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "storwize v5000", scope: "lt", trust: 1, vendor: "ibm", version: "7.3.0.7", }, { model: "mageia", scope: "eq", trust: 1, vendor: "mageia", version: "4.0", }, { model: "infosphere guardium database activity monitoring", scope: "eq", trust: 1, vendor: "ibm", version: "9.1", }, { model: "san volume controller", scope: "lt", trust: 1, vendor: "ibm", version: "7.1.0.11", }, { model: "big-ip access policy manager", scope: "lte", trust: 1, vendor: "f5", version: "11.5.1", }, { model: "big-ip advanced firewall manager", scope: "lte", trust: 1, vendor: "f5", version: "11.5.1", }, { model: "stn7800", scope: "lt", trust: 1, vendor: "ibm", version: "4.1.2.06", }, { model: "esx", scope: "eq", trust: 1, vendor: "vmware", version: "4.1", }, { model: "linux enterprise server", scope: "eq", trust: 1, vendor: "suse", version: "11", }, { model: "enterprise manager", scope: "gte", trust: 1, vendor: "f5", version: "3.0.0", }, { model: "virtualization", scope: "eq", trust: 1, vendor: "redhat", version: "3.4", }, { model: "security access manager for web 7.0", scope: "eq", trust: 1, vendor: "ibm", version: "7.0.0.5", }, { model: "workload deployer", scope: "gte", trust: 1, vendor: "ibm", version: "3.1.0", }, { model: "pureapplication system", scope: "lte", trust: 1, vendor: "ibm", version: "1.1.0.4", }, { model: "big-ip local traffic manager", scope: "eq", trust: 1, vendor: "f5", version: "11.6.0", }, { model: "big-ip wan optimization manager", scope: "gte", trust: 1, vendor: "f5", version: "11.0.0", }, { model: "enterprise linux for power big endian eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.5_ppc64", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.7", }, { model: "enterprise linux for power big endian", scope: "eq", trust: 1, vendor: "redhat", version: "5.0_ppc", }, { model: "big-ip application acceleration manager", scope: "gte", trust: 1, vendor: "f5", version: "11.4.0", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.9.12", }, { model: "qts", scope: "lt", trust: 1, vendor: "qnap", version: "4.1.1", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2", }, { model: "enterprise linux server", scope: "eq", trust: 1, vendor: "redhat", version: "5.0", }, { model: "software defined network for virtual environments", scope: "lt", trust: 1, vendor: "ibm", version: "1.2.1", }, { model: "storwize v3700", scope: "gte", trust: 1, vendor: "ibm", version: "7.2.0.0", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "12.04", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6", }, { model: "big-ip access policy manager", scope: "eq", trust: 1, vendor: "f5", version: "11.6.0", }, { model: "big-ip advanced firewall manager", scope: "eq", trust: 1, vendor: "f5", version: "11.6.0", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.4", }, { model: "starter kit for cloud", scope: "eq", trust: 1, vendor: "ibm", version: "2.2.0", }, { model: "big-ip link controller", scope: "lte", trust: 1, vendor: "f5", version: "11.5.1", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "5.6", }, { model: "smartcloud entry appliance", scope: "eq", trust: 1, vendor: "ibm", version: "3.2.0", }, { model: "storwize v7000", scope: "lt", trust: 1, vendor: "ibm", version: "1.4.3.5", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.5", }, { model: "enterprise linux for ibm z systems", scope: "eq", trust: 1, vendor: "redhat", version: "7.4_s390x", }, { model: "qradar vulnerability manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.8", }, { model: "storwize v7000", scope: "gte", trust: 1, vendor: "ibm", version: "7.2.0.0", }, { model: "san volume controller", scope: "lt", trust: 1, vendor: "ibm", version: "7.3.0.7", }, { model: "big-ip application security manager", scope: "gte", trust: 1, vendor: "f5", version: "10.0.0", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "6.5", }, { model: "big-ip protocol security module", scope: "gte", trust: 1, vendor: "f5", version: "10.0.0", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.1", }, { model: "enterprise linux server tus", scope: "eq", trust: 1, vendor: "redhat", version: "7.3", }, { model: "big-ip advanced firewall manager", scope: "gte", trust: 1, vendor: "f5", version: "11.3.0", }, { model: "security access manager for mobile 8.0", scope: "eq", trust: 1, vendor: "ibm", version: "8.0.0.5", }, { model: "storwize v5000", scope: "lt", trust: 1, vendor: "ibm", version: "7.1.0.11", }, { model: "enterprise linux for power big endian eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6_ppc64", }, { model: "stn7800", scope: "lt", trust: 1, vendor: "ibm", version: "3.8.0.07", }, { model: "security access manager for mobile 8.0", scope: "eq", trust: 1, vendor: "ibm", version: "8.0.0.2", }, { model: "linux enterprise software development kit", scope: "eq", trust: 1, vendor: "suse", version: "11", }, { model: "enterprise manager", scope: "lte", trust: 1, vendor: "f5", version: "3.1.1", }, { model: "big-ip webaccelerator", scope: "gte", trust: 1, vendor: "f5", version: "10.0.0", }, { model: "netscaler sdx", scope: "lt", trust: 1, vendor: "citrix", version: "9.3.67.5r1", }, { model: "big-ip edge gateway", scope: "gte", trust: 1, vendor: "f5", version: "10.1.0", }, { model: "mageia", scope: "eq", trust: 1, vendor: "mageia", version: "3.0", }, { model: "stn6800", scope: "lt", trust: 1, vendor: "ibm", version: "3.9.1.08", }, { model: "gluster storage server for on-premise", scope: "eq", trust: 1, vendor: "redhat", version: "2.1", }, { model: "storwize v7000", scope: "gte", trust: 1, vendor: "ibm", version: "1.5.0.0", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.13.0", }, { model: "infosphere guardium database activity monitoring", scope: "eq", trust: 1, vendor: "ibm", version: "8.2", }, { model: "big-ip policy enforcement manager", scope: "eq", trust: 1, vendor: "f5", version: "11.6.0", }, { model: "qradar risk manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.1.0", }, { model: "enterprise linux for ibm z systems", scope: "eq", trust: 1, vendor: "redhat", version: "6.5_s390x", }, { model: "enterprise linux server", scope: "eq", trust: 1, vendor: "redhat", version: "6.0", }, { model: "qradar vulnerability manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.1", }, { model: "storwize v3500", scope: "gte", trust: 1, vendor: "ibm", version: "7.3.0.0", }, { model: "enterprise linux for power big endian", scope: "eq", trust: 1, vendor: "redhat", version: "7.0_ppc64", }, { model: "stn6500", scope: "lt", trust: 1, vendor: "ibm", version: "4.1.2.06", }, { model: "enterprise linux", scope: "eq", trust: 1, vendor: "redhat", version: "6.0", }, { model: "enterprise linux for ibm z systems", scope: "eq", trust: 1, vendor: "redhat", version: "7.7_s390x", }, { model: "workload deployer", scope: "lte", trust: 1, vendor: "ibm", version: "3.1.0.7", }, { model: "storwize v7000", scope: "lt", trust: 1, vendor: "ibm", version: "7.3.0.7", }, { model: "traffix signaling delivery controller", scope: "eq", trust: 1, vendor: "f5", version: "4.1.0", }, { model: "netscaler sdx", scope: "lt", trust: 1, vendor: "citrix", version: "10.5.52.11r1", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "6.4", }, { model: "big-iq security", scope: "gte", trust: 1, vendor: "f5", version: "4.0.0", }, { model: "traffix signaling delivery controller", scope: "eq", trust: 1, vendor: "f5", version: "3.5.1", }, { model: "stn6500", scope: "gte", trust: 1, vendor: "ibm", version: "3.9.1.0", }, { model: "enterprise manager", scope: "lte", trust: 1, vendor: "f5", version: "2.3.0", }, { model: "big-ip application security manager", scope: "lte", trust: 1, vendor: "f5", version: "10.2.4", }, { model: "storwize v7000", scope: "lt", trust: 1, vendor: "ibm", version: "1.5.0.4", }, { model: "big-ip protocol security module", scope: "lte", trust: 1, vendor: "f5", version: "10.2.4", }, { model: "linux enterprise desktop", scope: "eq", trust: 1, vendor: "suse", version: "11", }, { model: "esx", scope: "eq", trust: 1, vendor: "vmware", version: "4.0", }, { model: "enterprise linux desktop", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "big-ip global traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "10.0.0", }, { model: "smartcloud entry appliance", scope: "eq", trust: 1, vendor: "ibm", version: "2.3.0", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.8", }, { model: "traffix signaling delivery controller", scope: "gte", trust: 1, vendor: "f5", version: "4.0.0", }, { model: "san volume controller", scope: "gte", trust: 1, vendor: "ibm", version: "7.3.0.0", }, { model: "stn6800", scope: "gte", trust: 1, vendor: "ibm", version: "3.9.1.0", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.1.1", }, { model: "storwize v3700", scope: "lt", trust: 1, vendor: "ibm", version: "7.2.0.9", }, { model: "storwize v3500", scope: "lt", trust: 1, vendor: "ibm", version: "7.2.0.9", }, { model: "traffix signaling delivery controller", scope: "eq", trust: 1, vendor: "f5", version: "3.4.1", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.11.11", }, { model: "pureapplication system", scope: "gte", trust: 1, vendor: "ibm", version: "1.0.0.0", }, { model: "enterprise linux for power big endian", scope: "eq", trust: 1, vendor: "redhat", version: "5.9_ppc", }, { model: "security access manager for web 7.0", scope: "eq", trust: 1, vendor: "ibm", version: "7.0.0.6", }, { model: "enterprise linux for power big endian", scope: "eq", trust: 1, vendor: "redhat", version: "6.0_ppc64", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.4", }, { model: "opensuse", scope: "eq", trust: 1, vendor: "opensuse", version: "12.3", }, { model: "enterprise manager", scope: "gte", trust: 1, vendor: "f5", version: "2.1.0", }, { model: "enterprise linux", scope: "eq", trust: 1, vendor: "redhat", version: "5.0", }, { model: "enterprise linux for ibm z systems", scope: "eq", trust: 1, vendor: "redhat", version: "6.4_s390x", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.3", }, { model: "storwize v3500", scope: "gte", trust: 1, vendor: "ibm", version: "7.2.0.0", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.14.0", }, { model: "security access manager for web 8.0", scope: "eq", trust: 1, vendor: "ibm", version: "8.0.0.5", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "7.7", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.1.2", }, { model: "big-ip global traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "11.0.0", }, { model: "enterprise linux for power big endian", scope: "eq", trust: 1, vendor: "redhat", version: "6.4_ppc64", }, { model: "linux enterprise server", scope: "eq", trust: 1, vendor: "suse", version: "10", }, { model: "stn6500", scope: "gte", trust: 1, vendor: "ibm", version: "3.8.0.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "7.0", }, { model: "security access manager for web 8.0", scope: "eq", trust: 1, vendor: "ibm", version: "8.0.0.2", }, { model: "storwize v3700", scope: "gte", trust: 1, vendor: "ibm", version: "1.1.0.0", }, { model: "big-ip webaccelerator", scope: "lte", trust: 1, vendor: "f5", version: "11.3.0", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "7.4", }, { model: "big-ip policy enforcement manager", scope: "lte", trust: 1, vendor: "f5", version: "11.5.1", }, { model: "enterprise linux for ibm z systems", scope: "eq", trust: 1, vendor: "redhat", version: "7.5_s390x", }, { model: "security access manager for web 7.0", scope: "eq", trust: 1, vendor: "ibm", version: "7.0.0.2", }, { model: "qradar vulnerability manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.4", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "6.5", }, { model: "linux", scope: "eq", trust: 1, vendor: "oracle", version: "6", }, { model: "enterprise linux for ibm z systems", scope: "eq", trust: 1, vendor: "redhat", version: "7.6_s390x", }, { model: "qradar vulnerability manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.3", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.1.0", }, { model: "enterprise linux for power big endian eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.4_ppc64", }, { model: "storwize v7000", scope: "gte", trust: 1, vendor: "ibm", version: "1.1.0.0", }, { model: "studio onsite", scope: "eq", trust: 1, vendor: "suse", version: "1.3", }, { model: "flex system v7000", scope: "gte", trust: 1, vendor: "ibm", version: "7.3.0.0", }, { model: "pureapplication system", scope: "lte", trust: 1, vendor: "ibm", version: "1.0.0.4", }, { model: "stn6800", scope: "gte", trust: 1, vendor: "ibm", version: "3.8.0.0", }, { model: "big-ip link controller", scope: "gte", trust: 1, vendor: "f5", version: "10.0.0", }, { model: "storwize v5000", scope: "gte", trust: 1, vendor: "ibm", version: "7.3.0.0", }, { model: "big-ip application security manager", scope: "gte", trust: 1, vendor: "f5", version: "11.0.0", }, { model: "opensuse", scope: "eq", trust: 1, vendor: "opensuse", version: "13.2", }, { model: "big-ip protocol security module", scope: "gte", trust: 1, vendor: "f5", version: "11.0.0", }, { model: "qts", scope: "eq", trust: 1, vendor: "qnap", version: "4.1.1", }, { model: "storwize v3700", scope: "lt", trust: 1, vendor: "ibm", version: "7.3.0.7", }, { model: "storwize v3500", scope: "lt", trust: 1, vendor: "ibm", version: "7.3.0.7", }, { model: "big-ip global traffic manager", scope: "lte", trust: 1, vendor: "f5", version: "10.2.4", }, { model: "big-ip analytics", scope: "eq", trust: 1, vendor: "f5", version: "11.6.0", }, { model: "enterprise linux for scientific computing", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.14.4f", }, { model: "security access manager for web 7.0", scope: "eq", trust: 1, vendor: "ibm", version: "7.0.0.7", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.3", }, { model: "big-ip webaccelerator", scope: "gte", trust: 1, vendor: "f5", version: "11.0.0", }, { model: "linux enterprise desktop", scope: "eq", trust: 1, vendor: "suse", version: "12", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.10.9", }, { model: "linux enterprise server", scope: "eq", trust: 1, vendor: "suse", version: "12", }, { model: "big-ip local traffic manager", scope: "lte", trust: 1, vendor: "f5", version: "10.2.4", }, { model: "enterprise linux desktop", scope: "eq", trust: 1, vendor: "redhat", version: "6.0", }, { model: "big-ip link controller", scope: "gte", trust: 1, vendor: "f5", version: "11.0.0", }, { model: "zenworks configuration management", scope: "eq", trust: 1, vendor: "novell", version: "11.3.0", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.13.9", }, { model: "enterprise linux for power big endian eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.7_ppc64", }, { model: "big-ip access policy manager", scope: "lte", trust: 1, vendor: "f5", version: "10.2.4", }, { model: "flex system v7000", scope: "lt", trust: 1, vendor: "ibm", version: "7.2.0.9", }, { model: "stn6800", scope: "lt", trust: 1, vendor: "ibm", version: "4.1.2.06", }, { model: "vcenter server appliance", scope: "eq", trust: 1, vendor: "vmware", version: "5.1", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "10.04", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.6", }, { model: "stn7800", scope: "gte", trust: 1, vendor: "ibm", version: "3.9.1.0", }, { model: "flex system v7000", scope: "gte", trust: 1, vendor: "ibm", version: "7.2.0.0", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.5", }, { model: "smartcloud entry appliance", scope: "eq", trust: 1, vendor: "ibm", version: "2.4.0", }, { model: "arx", scope: "lte", trust: 1, vendor: "f5", version: "6.4.0", }, { model: "storwize v5000", scope: "gte", trust: 1, vendor: "ibm", version: "7.2.0.0", }, { model: "big-ip application security manager", scope: "eq", trust: 1, vendor: "f5", version: "11.6.0", }, { model: "enterprise linux workstation", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.2", }, { model: "stn6500", scope: "lt", trust: 1, vendor: "ibm", version: "3.8.0.07", }, { model: "big-ip analytics", scope: "gte", trust: 1, vendor: "f5", version: "11.0.0", }, { model: "big-ip wan optimization manager", scope: "lte", trust: 1, vendor: "f5", version: "10.2.4", }, { model: "pureapplication system", scope: "eq", trust: 1, vendor: "ibm", version: "2.0.0.0", }, { model: "big-ip webaccelerator", scope: "lte", trust: 1, vendor: "f5", version: "10.2.4", }, { model: "storwize v3700", scope: "lt", trust: 1, vendor: "ibm", version: "7.1.0.11", }, { model: "smartcloud provisioning", scope: "eq", trust: 1, vendor: "ibm", version: "2.1.0", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "6.2", }, { model: "security access manager for mobile 8.0", scope: "eq", trust: 1, vendor: "ibm", version: "8.0.0.3", }, { model: "qradar vulnerability manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.6", }, { model: "storwize v3500", scope: "lt", trust: 1, vendor: "ibm", version: "7.1.0.11", }, { model: "big-ip analytics", scope: "lte", trust: 1, vendor: "f5", version: "11.5.1", }, { model: "big-ip link controller", scope: "lte", trust: 1, vendor: "f5", version: "10.2.4", }, { model: "mac os x", scope: "lt", trust: 1, vendor: "apple", version: "10.10.0", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.9.0", }, { model: "big-ip protocol security module", scope: "lte", trust: 1, vendor: "f5", version: "11.4.1", }, { model: "linux enterprise software development kit", scope: "eq", trust: 1, vendor: "suse", version: "12", }, { model: "big-ip wan optimization manager", scope: "lte", trust: 1, vendor: "f5", version: "11.3.0", }, { model: "enterprise linux desktop", scope: "eq", trust: 1, vendor: "redhat", version: "5.0", }, { model: "stn7800", scope: "lt", trust: 1, vendor: "ibm", version: "3.9.1.08", }, { model: "security access manager for web 7.0", scope: "eq", trust: 1, vendor: "ibm", version: "7.0.0.4", }, { model: "storwize v3700", scope: "gte", trust: 1, vendor: "ibm", version: "7.3.0.0", }, { model: "storwize v3500", scope: "gte", trust: 1, vendor: "ibm", version: "1.1.0.0", }, { model: "qradar vulnerability manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.0", }, { model: "qradar vulnerability manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.2", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "5.9", }, { model: "stn6800", scope: "lt", trust: 1, vendor: "ibm", version: "3.8.0.07", }, { model: "flex system v7000", scope: "lt", trust: 1, vendor: "ibm", version: "7.3.0.7", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.7", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.10.0", }, { model: "stn7800", scope: "gte", trust: 1, vendor: "ibm", version: "3.8.0.0", }, { model: "enterprise linux workstation", scope: "eq", trust: 1, vendor: "redhat", version: "5.0", }, { model: "zenworks configuration management", scope: "eq", trust: 1, vendor: "novell", version: "10.3", }, { model: "enterprise linux server tus", scope: "eq", trust: 1, vendor: "redhat", version: "7.7", }, { model: "san volume controller", scope: "lt", trust: 1, vendor: "ibm", version: "7.2.0.9", }, { model: "storwize v7000", scope: "gte", trust: 1, vendor: "ibm", version: "7.3.0.0", }, { model: "san volume controller", scope: "gte", trust: 1, vendor: "ibm", version: "7.2.0.0", }, { model: "big-ip wan optimization manager", scope: "gte", trust: 1, vendor: "f5", version: "10.0.0", }, { model: "enterprise linux for scientific computing", scope: "eq", trust: 1, vendor: "redhat", version: "6.0", }, { model: "enterprise linux server tus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6", }, { model: "pureapplication system", scope: "gte", trust: 1, vendor: "ibm", version: "1.1.0.0", }, { model: "open enterprise server", scope: "eq", trust: 1, vendor: "novell", version: "11.0", }, { model: "bash", scope: "lte", trust: 1, vendor: "gnu", version: "4.3", }, { model: "security access manager for mobile 8.0", scope: "eq", trust: 1, vendor: "ibm", version: "8.0.0.1", }, { model: "stn6800", scope: "gte", trust: 1, vendor: "ibm", version: "4.1.2.0", }, { model: "big-ip global traffic manager", scope: "eq", trust: 1, vendor: "f5", version: "11.6.0", }, { model: "big-iq security", scope: "lte", trust: 1, vendor: "f5", version: "4.4.0", }, { model: "enterprise linux server from rhui", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "big-ip application security manager", scope: "lte", trust: 1, vendor: "f5", version: "11.5.1", }, { model: "security access manager for web 7.0", scope: "eq", trust: 1, vendor: "ibm", version: "7.0.0.8", }, { model: "enterprise linux server tus", scope: "eq", trust: 1, vendor: "redhat", version: "6.5", }, { model: "eos", scope: "lt", trust: 1, vendor: "arista", version: "4.12.9", }, { model: "enterprise linux for ibm z systems", scope: "eq", trust: 1, vendor: "redhat", version: "5.9_s390x", }, { model: "open enterprise server", scope: "eq", trust: 1, vendor: "novell", version: "2.0", }, { model: "san volume controller", scope: "gte", trust: 1, vendor: "ibm", version: "1.1.0.0", }, { model: "big-ip edge gateway", scope: "lte", trust: 1, vendor: "f5", version: "10.2.4", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "14.04", }, { model: "enterprise linux for ibm z systems", scope: "eq", trust: 1, vendor: "redhat", version: "7.3_s390x", }, { model: "big-ip edge gateway", scope: "lte", trust: 1, vendor: "f5", version: "11.3.0", }, { model: "eos", scope: "gte", trust: 1, vendor: "arista", version: "4.12.0", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.8.15", }, { model: "smartcloud entry appliance", scope: "eq", trust: 1, vendor: "ibm", version: "3.1.0", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "7.3", }, { model: "security gateway", scope: "lt", trust: 1, vendor: "checkpoint", version: "r77.30", }, { model: "storwize v7000", scope: "lt", trust: 1, vendor: "ibm", version: "7.2.0.9", }, { model: "big-iq cloud", scope: "gte", trust: 1, vendor: "f5", version: "4.0.0", }, { model: "big-iq device", scope: "gte", trust: 1, vendor: "f5", version: "4.2.0", }, { model: "enterprise linux", scope: "eq", trust: 1, vendor: "redhat", version: "4.0", }, { model: "enterprise linux workstation", scope: "eq", trust: 1, vendor: "redhat", version: "6.0", }, { model: "enterprise linux server from rhui", scope: "eq", trust: 1, vendor: "redhat", version: "5.0", }, { model: "big-ip local traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "10.0.0", }, { model: "stn6500", scope: "lt", trust: 1, vendor: "ibm", version: "3.9.1.08", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.9", }, { model: "security access manager for web 8.0", scope: "eq", trust: 1, vendor: "ibm", version: "8.0.0.3", }, { model: "storwize v5000", scope: "lt", trust: 1, vendor: "ibm", version: "7.2.0.9", }, { model: "security access manager for web 7.0", scope: "eq", trust: 1, vendor: "ibm", version: "7.0.0.3", }, { model: "flex system v7000", scope: "lt", trust: 1, vendor: "ibm", version: "7.1.0.11", }, { model: "big-iq cloud", scope: "lte", trust: 1, vendor: "f5", version: "4.4.0", }, { model: "vcenter server appliance", scope: "eq", trust: 1, vendor: "vmware", version: "5.0", }, { model: "zenworks configuration management", scope: "eq", trust: 1, vendor: "novell", version: "11.2", }, { model: "qradar security information and event manager", scope: "eq", trust: 1, vendor: "ibm", version: "7.2.0", }, { model: "security access manager for web 7.0", scope: "eq", trust: 1, vendor: "ibm", version: "7.0.0.1", }, { model: "big-iq device", scope: "lte", trust: 1, vendor: "f5", version: "4.4.0", }, { model: "big-ip link controller", scope: "eq", trust: 1, vendor: "f5", version: "11.6.0", }, { model: "arx", scope: "gte", trust: 1, vendor: "f5", version: "6.0.0", }, { model: "zenworks configuration management", scope: "eq", trust: 1, vendor: "novell", version: "11", }, { model: "flex system v7000", scope: "gte", trust: 1, vendor: "ibm", version: "1.1.0.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "oracle", version: "4", }, { model: "netscaler sdx", scope: "gte", trust: 1, vendor: "citrix", version: "10", }, { model: "big-ip local traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "11.0.0", }, { model: "storwize v5000", scope: "gte", trust: 1, vendor: "ibm", version: "1.1.0.0", }, { model: "big-ip application acceleration manager", scope: "lte", trust: 1, vendor: "f5", version: "11.5.1", }, { model: "vcenter server appliance", scope: "eq", trust: 1, vendor: "vmware", version: "5.5", }, { model: "mac os x", scope: "gte", trust: 1, vendor: "apple", version: "10.0.0", }, { model: "netscaler sdx", scope: "lt", trust: 1, vendor: "citrix", version: "10.1.129.11r1", }, { model: "enterprise linux eus", scope: "eq", trust: 1, vendor: "redhat", version: "6.4", }, { model: "big-ip edge gateway", scope: "gte", trust: 1, vendor: "f5", version: "11.0.0", }, { model: "big-ip global traffic manager", scope: "lte", trust: 1, vendor: "f5", version: "11.5.1", }, { model: "stn6500", scope: "gte", trust: 1, vendor: "ibm", version: "4.1.2.0", }, { model: "big-ip access policy manager", scope: "gte", trust: 1, vendor: "f5", version: "10.1.0", }, { model: "bash", scope: "eq", trust: 0.9, vendor: "gnu", version: "4.2", }, { model: null, scope: null, trust: 0.8, vendor: "apple", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "avaya", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "barracuda", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "blue coat", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "centos", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "check point", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cygwin", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "d link", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "debian gnu linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "dell computer", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "extreme", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "f5", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "fireeye", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "fortinet", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "gnu bash", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "gentoo linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "hewlett packard", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ibm", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "juniper", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mageia", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mcafee", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "monroe", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "nec", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "niksun", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "novell", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "oracle", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "palo alto", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "qnap security", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "red hat", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "suse linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "slackware linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sophos", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "trend micro", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ubuntu", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "vmware", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "xirrus", version: null, }, { model: "bash", scope: "eq", trust: 0.6, vendor: "gnu", version: "4.0", }, { model: "bash", scope: "eq", trust: 0.6, vendor: "gnu", version: "3.2", }, { model: "bash", scope: "eq", trust: 0.6, vendor: "gnu", version: "4.1", }, { model: "bash", scope: "eq", trust: 0.6, vendor: "gnu", version: "4.3", }, { model: "bash", scope: "eq", trust: 0.6, vendor: "gnu", version: "3.0.16", }, { model: "bash", scope: "eq", trust: 0.6, vendor: "gnu", version: "2.03", }, { model: "bash", scope: "eq", trust: 0.6, vendor: "gnu", version: "3.1", }, { model: "bash", scope: "eq", trust: 0.6, vendor: "gnu", version: "3.2.48", }, { model: "workcentre", scope: "eq", trust: 0.3, vendor: "xerox", version: "7245", }, { model: "workcentre", scope: "eq", trust: 0.3, vendor: "xerox", version: "7242", }, { model: "workcentre", scope: "eq", trust: 0.3, vendor: "xerox", version: "7238", }, { model: "workcentre", scope: "eq", trust: 0.3, vendor: "xerox", version: "7235", }, { model: "workcentre", scope: "eq", trust: 0.3, vendor: "xerox", version: "7232", }, { model: "workcentre", scope: "eq", trust: 0.3, vendor: "xerox", version: "7228", }, { model: "phaser", scope: "eq", trust: 0.3, vendor: "xerox", version: "78000", }, { model: "phaser", scope: "eq", trust: 0.3, vendor: "xerox", version: "67000", }, { model: "colorqube", scope: "eq", trust: 0.3, vendor: "xerox", version: "9393", }, { model: "colorqube", scope: "eq", trust: 0.3, vendor: "xerox", version: "9303", }, { model: "colorqube", scope: "eq", trust: 0.3, vendor: "xerox", version: "9302", }, { model: "colorqube", scope: "eq", trust: 0.3, vendor: "xerox", version: "9301", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "12.04", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "12.04", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "11", }, { model: "vm virtualbox", scope: "eq", trust: 0.3, vendor: "oracle", version: "3.2", }, { model: "vm virtualbox", scope: "eq", trust: 0.3, vendor: "oracle", version: "3.1", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6.2", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "5", }, { model: "email gateway patch", scope: "eq", trust: 0.3, vendor: "mcafee", version: "7.01", }, { model: "email gateway", scope: "eq", trust: 0.3, vendor: "mcafee", version: "7.0", }, { model: "email gateway hotfix", scope: "eq", trust: 0.3, vendor: "mcafee", version: "6.7.22", }, { model: "email gateway hotfix", scope: "eq", trust: 0.3, vendor: "mcafee", version: "6.7.21", }, { model: "ds8000", scope: "eq", trust: 0.3, vendor: "ibm", version: "0", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "7.1", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "6.1", }, { model: "aix", scope: "eq", trust: 0.3, vendor: "ibm", version: "5.3", }, { model: "insight control", scope: "eq", trust: 0.3, vendor: "hp", version: "0", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "wide area application services", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "unified ip phone", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "unified contact center express", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "network analysis module", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "mds", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "gss 4492r global site selector", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "emergency responder", scope: "eq", trust: 0.3, vendor: "cisco", version: "1.1", }, { model: "digital media manager", scope: "eq", trust: 0.3, vendor: "cisco", version: "5.0", }, { model: "digital media manager", scope: "eq", trust: 0.3, vendor: "cisco", version: "0", }, { model: "show and share", scope: "eq", trust: 0.3, vendor: "cisco", version: "5(2)", }, { model: "ip deskphone", scope: "eq", trust: 0.3, vendor: "avaya", version: "96x16.2", }, { model: "ip deskphone", scope: "eq", trust: 0.3, vendor: "avaya", version: "96x16", }, ], sources: [ { db: "CERT/CC", id: "VU#252743", }, { db: "BID", id: "70166", }, { db: "CNNVD", id: "CNNVD-201409-956", }, { db: "NVD", id: "CVE-2014-7169", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "HP", sources: [ { db: "PACKETSTORM", id: "128753", }, { db: "PACKETSTORM", id: "129069", }, { db: "PACKETSTORM", id: "129067", }, { db: "PACKETSTORM", id: "128864", }, { db: "PACKETSTORM", id: "128752", }, { db: "PACKETSTORM", id: "128666", }, { db: "PACKETSTORM", id: "129264", }, { db: "PACKETSTORM", id: "129095", }, { db: "PACKETSTORM", id: "128545", }, { db: "PACKETSTORM", id: "128513", }, { db: "PACKETSTORM", id: "128546", }, { db: "PACKETSTORM", id: "128755", }, ], trust: 1.2, }, cve: "CVE-2014-7169", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CVE-2014-7169", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2014-7169", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2014-7169", trust: 1, value: "CRITICAL", }, { author: "CNNVD", id: "CNNVD-201409-956", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2014-7169", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2014-7169", }, { db: "CNNVD", id: "CNNVD-201409-956", }, { db: "NVD", id: "CVE-2014-7169", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271. GNU Bash 4.3 and earlier contains a command injection vulnerability that may allow remote code execution. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \n\nAdditionally two out-of-bounds array accesses in the bash parser are\nfixed which were revealed in Red Hat's internal analysis for these\nissues and also independently reported by Todd Sabin. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 4.2+dfsg-0.1+deb7u3. \n\nThis vulnerability allows users that have been granted access to a shell\nscript to escalate privilege and execute unrestricted commands at the same\nsecurity level as the Bash script. \n\n HP Product\n Firmware Version\n\n HP StoreEver ESL G3 Tape Libraries with MCB version 2\n 680H_GS40701\n\n HP StoreEver ESL G3 Tape Libraries with MCB version 1\n 656H_GS10801\n\n The firmware is customer installable and is available in the Drivers,\nSoftware & Firmware section at the following location:\n\n http://www.hp.com/support/eslg3\n\n Notes:\n\n - Updating the library firmware requires a reboot of the library. \n - If the library firmware cannot be updated, HP recommends following the\nMitigation Instructions below. \n\nMitigation Instructions\n\n HP recommends the following mitigation steps to reduce the risk of this\nvulnerability for HP StoreEver ESL G3 Tape Library. \n\n - Disable DHCP and only use static IP addressing. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bash Shift_JIS security update\nAdvisory ID: RHSA-2014:1865-01\nProduct: RHEL S-JIS Service\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1865.html\nIssue date: 2014-11-17\nCVE Names: CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 \n=====================================================================\n\n1. Summary:\n\nUpdated bash Shift_JIS packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.9 Extended Update Support. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nSJIS (v. 5.9.z Server) - i386, ia64, x86_64\n\n3. Description:\n\nThe GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux. \n\nShift_JIS, also known as \"SJIS\", is a character encoding for the Japanese\nlanguage. This package provides bash support for the Shift_JIS encoding. \n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login. \nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes. \n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article. \n\nAll users who require Shift_JIS encoding support with Bash built-in\nfunctions are advised to upgrade to these updated packages, which contain a\nbackported patch to correct this issue. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata \nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nSJIS (v. 5.9.z Server):\n\nSource:\nbash-3.2-32.el5_9.3.sjis.1.src.rpm\n\ni386:\nbash-3.2-32.el5_9.3.sjis.1.i386.rpm\nbash-debuginfo-3.2-32.el5_9.3.sjis.1.i386.rpm\n\nia64:\nbash-3.2-32.el5_9.3.sjis.1.i386.rpm\nbash-3.2-32.el5_9.3.sjis.1.ia64.rpm\nbash-debuginfo-3.2-32.el5_9.3.sjis.1.i386.rpm\nbash-debuginfo-3.2-32.el5_9.3.sjis.1.ia64.rpm\n\nx86_64:\nbash-3.2-32.el5_9.3.sjis.1.x86_64.rpm\nbash-debuginfo-3.2-32.el5_9.3.sjis.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-7169\nhttps://access.redhat.com/security/cve/CVE-2014-7186\nhttps://access.redhat.com/security/cve/CVE-2014-7187\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/1200223\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUajscXlSAg2UNWIIRAlnnAJ46tmMAMI0D6YRHybY5HJ7Mv77fIwCguKAJ\nZiE90Rp/vQArh9+LpxnTqGI=\n=iltu\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nPlease refer to the RESOLUTION\n section below for a list of impacted products. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7186 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7187 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nHP has made the following updates available to resolve the vulnerability in\nHP StoreOnce Gen 2 Backup systems. The shell is not accessible via the standard\ncalibration or remote management interfaces. \n\nNOTE: Only the Z27x model is vulnerable. The unit provides Calibration Software\nrunning on embedded Linux, which includes a Bash Shell. The software is used\nfor service purposes only. \n\nThis bulletin will be revised when the firmware update is released. \n\nRelease Date: 2014-10-03\nLast Updated: 2014-10-03\n\nPotential Security Impact: Injection of code\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with certain HP Thin\nClients running bash. \n\nReferences:\n\nCVE-2014-6271\nCVE-2014-7169\nSSRT101728\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nNote: all versions of HP Thin Pro and HP Smart Zero Core operating systems\nprior to version 5.1.0 are affected by this vulnerability. Following is a\ncomplete list of affected operating systems. \n\nHP ThinPro\n\nHP ThinPro 5.0 (released June 2014)\nHP ThinPro 4.4 (released November 2013)\nHP ThinPro 4.3 (released June 2013)\nHP ThinPro 4.2 (released November 2012)\nHP ThinPro 4.1 (released March 2012)\nHP ThinPro 3.2 (released November 2010)\nHP ThinPro 3.1 (released June 2010)\nHP ThinPro 3.0 (released November 2009)\nHP ThinPro 2.0 (released 2009)\nHP ThinPro 1.5 (released 2009)\nHP ThinPro 1.0 (released 2008)\n\nHP Smart Zero Core\n\nHP Smart Zero Core 5.0 (released June 2014)\nHP Smart Zero Core 4.4 (released November 2013)\nHP Smart Zero Core 4.3 (released June 2013)\nHP Smart Zero Core 4.2 (released November 2012)\nHP Smart Zero Core 4.1 (released March 2012)\nHP Smart Zero Core 4.0 (released March 2011)\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10\nCVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has released the following software updates to resolve the vulnerability. \n\nProduct Affected\n Product Versions\n Patch Status\n\nHP ThinPro and HP Smart Zero Core (X86)\n v5.1.0 and above\n No update required; the Bash shell patch is incorporated into the base\nimage. \nIf you participated in the ThinPro 5.1.0 beta program upgrade to the release\nversion as soon as it becomes available. \n\nHP ThinPro and HP Smart Zero Core (x86)\n v5.0.x\n A component update is currently available through Easy Update as:\nSecurityUpdate-CVE20146271-CVE20147169-all-5.0-x86.xar . \nThe update can be also downloaded directly from ftp://ftp.hp.com/pub/tcdebian\n/updates/5.0/service_packs/SecurityUpdate-CVE20146271-CVE20147169-all-5.0-x86\n.xar\nOr via softpaq delivery at:\nftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe\n\nHP ThinPro and HP Smart Zero Core (x86)\n v4.4.x\n A component update is currently available through Easy Update as:\nSecurityUpdate-CVE20146271-CVE20147169-all-4.4-x86.xar . \nOr can be downloaded directly from ftp://ftp.hp.com/pub/tcdebian/updates/4.4/\nservice_packs/SecurityUpdate-CVE20146271-CVE20147169-all-4.4-x86.xar\nOr via softpaq delivery at:\nftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe\n\nHP ThinPro and HP Smart Zero Core (ARM)\n v4.4.x\n A component update is currently available through Easy Update as:\nSecurityUpdate-CVE20146271-CVE20147169-all-4.4-arm.xar . \nOr can be downloaded directly from ftp://ftp.hp.com/pub/tcdebian/updates/4.4/\nservice_packs/SecurityUpdate-CVE20146271-CVE20147169-all-4.4-arm.xar\nOr via softpaq delivery at:\nftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe\n\nHP ThinPro and HP Smart Zero Core\n v4.3x and earlier\n An update will be made available for customers upon request\n\nHISTORY\nVersion:1 (rev.1) - 03 October 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer's patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners", sources: [ { db: "NVD", id: "CVE-2014-7169", }, { db: "CERT/CC", id: "VU#252743", }, { db: "BID", id: "70166", }, { db: "PACKETSTORM", id: "128431", }, { db: "PACKETSTORM", id: "128753", }, { db: "PACKETSTORM", id: "129069", }, { db: "PACKETSTORM", id: "129067", }, { db: "PACKETSTORM", id: "128864", }, { db: "PACKETSTORM", id: "128752", }, { db: "VULMON", id: "CVE-2014-7169", }, { db: "PACKETSTORM", id: "129132", }, { db: "PACKETSTORM", id: "129264", }, { db: "PACKETSTORM", id: "129095", }, { db: "PACKETSTORM", id: "128545", }, { db: "PACKETSTORM", id: "128513", }, { db: "PACKETSTORM", id: "128546", }, { db: "PACKETSTORM", id: "128755", }, { db: "PACKETSTORM", id: "128666", }, ], trust: 3.24, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=36933", trust: 1.5, type: "exploit", }, ], sources: [ { db: "VULMON", id: "CVE-2014-7169", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-7169", trust: 3.4, }, { db: "CERT/CC", id: "VU#252743", trust: 2.8, }, { db: "MCAFEE", id: "SB10085", trust: 2, }, { db: "JUNIPER", id: "JSA10648", trust: 2, }, { db: "SECUNIA", id: "61618", trust: 1.7, }, { db: "SECUNIA", id: "61641", trust: 1.7, }, { db: "SECUNIA", id: "61622", trust: 1.7, }, { db: "SECUNIA", id: "61603", trust: 1.7, }, { db: "SECUNIA", id: "60055", trust: 1.7, }, { db: "SECUNIA", id: "61287", trust: 1.7, }, { db: "SECUNIA", id: "61654", trust: 1.7, }, { db: "SECUNIA", id: "61188", trust: 1.7, }, { db: "SECUNIA", id: "61313", trust: 1.7, }, { db: "SECUNIA", id: "61700", trust: 1.7, }, { db: "SECUNIA", id: "61552", trust: 1.7, }, { db: "SECUNIA", id: "61780", trust: 1.7, }, { db: "SECUNIA", id: "58200", trust: 1.7, }, { db: "SECUNIA", id: "61550", trust: 1.7, }, { db: "SECUNIA", id: "61565", trust: 1.7, }, { db: "SECUNIA", id: "61619", trust: 1.7, }, { db: "SECUNIA", id: "61479", trust: 1.7, }, { db: "SECUNIA", id: "61312", trust: 1.7, }, { db: "SECUNIA", id: "60193", trust: 1.7, }, { db: "SECUNIA", id: "61129", trust: 1.7, }, { db: "SECUNIA", id: "61703", trust: 1.7, }, { db: "SECUNIA", id: "60433", trust: 1.7, }, { db: "SECUNIA", id: "61128", trust: 1.7, }, { db: "SECUNIA", id: "61873", trust: 1.7, }, { db: "SECUNIA", id: "62228", trust: 1.7, }, { db: "SECUNIA", id: "60063", trust: 1.7, }, { db: "SECUNIA", id: "61816", trust: 1.7, }, { db: "SECUNIA", id: "61711", trust: 1.7, }, { db: "SECUNIA", id: "61633", trust: 1.7, }, { db: "SECUNIA", id: "59737", trust: 1.7, }, { db: "SECUNIA", id: "60034", trust: 1.7, }, { db: "SECUNIA", id: "61643", trust: 1.7, }, { db: "SECUNIA", id: "60947", trust: 1.7, }, { db: "SECUNIA", id: "61485", trust: 1.7, }, { db: "SECUNIA", id: "61676", trust: 1.7, }, { db: "SECUNIA", id: "61503", trust: 1.7, }, { db: "SECUNIA", id: "60044", trust: 1.7, }, { db: "SECUNIA", id: "62343", trust: 1.7, }, { db: "SECUNIA", id: "61626", trust: 1.7, }, { db: "SECUNIA", id: "60325", trust: 1.7, }, { db: "SECUNIA", id: "61291", trust: 1.7, }, { db: "SECUNIA", id: "59272", trust: 1.7, }, { db: "SECUNIA", id: "61328", trust: 1.7, }, { db: "SECUNIA", id: "61283", trust: 1.7, }, { db: "SECUNIA", id: "61855", trust: 1.7, }, { db: "SECUNIA", id: "61442", trust: 1.7, }, { db: "SECUNIA", id: "60024", trust: 1.7, }, { db: "SECUNIA", id: "61715", trust: 1.7, }, { db: "SECUNIA", id: "61471", trust: 1.7, }, { db: "SECUNIA", id: "61857", trust: 1.7, }, { db: "SECUNIA", id: "61065", trust: 1.7, }, { db: "SECUNIA", id: "59907", trust: 1.7, }, { db: "SECUNIA", id: "62312", trust: 1.7, }, { db: "USCERT", id: "TA14-268A", trust: 1.7, }, { db: "OPENWALL", id: "OSS-SECURITY/2014/09/24/32", trust: 1.7, }, { db: "PACKETSTORM", id: "128567", trust: 1.7, }, { db: "PACKETSTORM", id: "128517", trust: 1.7, }, { db: "JVN", id: "JVN55667175", trust: 1.7, }, { db: "JVNDB", id: "JVNDB-2014-000126", trust: 1.7, }, { db: "EXPLOIT-DB", id: "34879", trust: 1.6, }, { db: "CNNVD", id: "CNNVD-201409-956", trust: 0.6, }, { db: "JUNIPER", id: "JSA10661", trust: 0.3, }, { db: "ICS CERT", id: "ICSA-14-269-01", trust: 0.3, }, { db: "BID", id: "70166", trust: 0.3, }, { db: "EXPLOITDB", id: "34879", trust: 0.1, }, { db: "EXPLOITDB", id: "36933", trust: 0.1, }, { db: "ICS CERT", id: "ICSA-14-269-01A", trust: 0.1, }, { db: "VULMON", id: "CVE-2014-7169", trust: 0.1, }, { db: "PACKETSTORM", id: "128431", trust: 0.1, }, { db: "PACKETSTORM", id: "128753", trust: 0.1, }, { db: "PACKETSTORM", id: "129069", trust: 0.1, }, { db: "PACKETSTORM", id: "129067", trust: 0.1, }, { db: "PACKETSTORM", id: "128864", trust: 0.1, }, { db: "PACKETSTORM", id: "128752", trust: 0.1, }, { db: "PACKETSTORM", id: "128666", trust: 0.1, }, { db: "PACKETSTORM", id: "129132", trust: 0.1, }, { db: "PACKETSTORM", id: "129264", trust: 0.1, }, { db: "PACKETSTORM", id: "129095", trust: 0.1, }, { db: "PACKETSTORM", id: "128545", trust: 0.1, }, { db: "PACKETSTORM", id: "128513", trust: 0.1, }, { db: "PACKETSTORM", id: "128546", trust: 0.1, }, { db: "PACKETSTORM", id: "128755", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#252743", }, { db: "VULMON", id: "CVE-2014-7169", }, { db: "BID", id: "70166", }, { db: "PACKETSTORM", id: "128431", }, { db: "PACKETSTORM", id: "128753", }, { db: "PACKETSTORM", id: "129069", }, { db: "PACKETSTORM", id: "129067", }, { db: "PACKETSTORM", id: "128864", }, { db: "PACKETSTORM", id: "128752", }, { db: "PACKETSTORM", id: "128666", }, { db: "PACKETSTORM", id: "129132", }, { db: "PACKETSTORM", id: "129264", }, { db: "PACKETSTORM", id: "129095", }, { db: "PACKETSTORM", id: "128545", }, { db: "PACKETSTORM", id: "128513", }, { db: "PACKETSTORM", id: "128546", }, { db: "PACKETSTORM", id: "128755", }, { db: "CNNVD", id: "CNNVD-201409-956", }, { db: "NVD", id: "CVE-2014-7169", }, ], }, id: "VAR-201409-1155", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.3212341, }, last_update_date: "2024-11-29T21:48:34.624000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "bash4.1.2-15.el6_5.2.x86_64", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54163", }, { title: "bash-4.2-cve-2014-7169-2", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54162", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2014/09/27/oracle_no_shellshock_patches_yet/", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2014/09/26/ico_shellshock_warning/", }, { title: "The Register", trust: 0.2, url: "https://www.theregister.co.uk/2014/09/25/shellshock_bash_worm_type_fears/", }, { title: "Ubuntu Security Notice: bash vulnerability", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-2363-2", }, { title: "Ubuntu Security Notice: bash vulnerability", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-2363-1", }, { title: "Debian CVElist Bug Report Logs: bash: CVE-2014-7169: Incomplete fix for CVE-2014-6271", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=7a56c10ff83e62f236b0dc330aab6c31", }, { title: "Debian Security Advisories: DSA-3035-1 bash -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=f4f02191845c862da8b42c8e3db24b63", }, { title: "Red Hat: CVE-2014-7169", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2014-7169", }, { title: "Amazon Linux AMI: ALAS-2014-419", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2014-419", }, { title: "VMware Security Advisories: VMware product updates address critical Bash security vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=86cb6b3955e100fdc9667a7ca916c772", }, { title: "HP: HPSBHF03119 rev.3 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=HPSBHF03119", }, { title: "Symantec Security Advisories: SA82 : GNU Bash Shellshock Command Injection Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=2b57ceaadfde2a8b03482273e1fd21ea", }, { title: "Citrix Security Bulletins: Citrix XenServer Shellshock Security Update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=64ae0aae8269062686789e3a3fa1d2bf", }, { title: "Tenable Security Advisories: [R7] Tenable Appliance Affected by GNU bash 'Shellshock' Vulnerability", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2014-07", }, { title: "Citrix Security Bulletins: Citrix Security Advisory for GNU Bash Shellshock Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=73443a6db89dc66fc6bcb49f85bfd1ab", }, { title: "Splunk Security Announcements: Splunk response to \"shellshock\" vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements&qid=995d0135ab7f45978bdbc53bcd6ffc14", }, { title: "cookbook_shellshock", trust: 0.1, url: "https://github.com/ChefRycar/cookbook_shellshock ", }, { title: "patchme", trust: 0.1, url: "https://github.com/jackbezalel/patchme ", }, { title: "hackernews-headlines", trust: 0.1, url: "https://github.com/bodazhao/hackernews-headlines ", }, { title: "hacker-news-headlines", trust: 0.1, url: "https://github.com/bodazhao/hacker-news-headlines ", }, { title: "totalshares", trust: 0.1, url: "https://github.com/Prashant-kumar/totalshares ", }, { title: "mysecurity-cookbook", trust: 0.1, url: "https://github.com/alexpop/mysecurity-cookbook ", }, { title: "Shell-Shock-Update", trust: 0.1, url: "https://github.com/UMDTERPS/Shell-Shock-Update ", }, { title: "bash-cve-2014-7169-cookbook", trust: 0.1, url: "https://github.com/gina-alaska/bash-cve-2014-7169-cookbook ", }, { title: "bash-vulnerability", trust: 0.1, url: "https://github.com/bacarrdy/bash-vulnerability ", }, { title: "poc-development", trust: 0.1, url: "https://github.com/h0n3yb/poc-development ", }, { title: "puppet-shellshock", trust: 0.1, url: "https://github.com/renanvicente/puppet-shellshock ", }, { title: "shellshock_salt_grain", trust: 0.1, url: "https://github.com/jcollie/shellshock_salt_grain ", }, { title: "bash-4.2-patched", trust: 0.1, url: "https://github.com/ricedu/bash-4.2-patched ", }, { title: "scripts", trust: 0.1, url: "https://github.com/omretterry/scripts ", }, { title: "macosx-bash-92-shellshock-patched", trust: 0.1, url: "https://github.com/ido/macosx-bash-92-shellshock-patched ", }, { title: "bash-shellshock", trust: 0.1, url: "https://github.com/dlitz/bash-shellshock ", }, { title: "Shellshock-Bash-Remote-Code-Execution-Vulnerability-and-Exploitation", trust: 0.1, url: "https://github.com/pbr94/Shellshock-Bash-Remote-Code-Execution-Vulnerability-and-Exploitation ", }, { title: "smtp-shellshock", trust: 0.1, url: "https://github.com/BlisterGravy/smtp-shellshock ", }, { title: "patch-bash-shellshock", trust: 0.1, url: "https://github.com/jdauphant/patch-bash-shellshock ", }, { title: "exploit-CVE-2014-6271", trust: 0.1, url: "https://github.com/opsxcq/exploit-CVE-2014-6271 ", }, { title: "Pentest-In-Docker", trust: 0.1, url: "https://github.com/Swordfish-Security/Pentest-In-Docker ", }, { title: "dokku-alt", trust: 0.1, url: "https://github.com/dokku-alt/dokku-alt ", }, { title: "linux-pentest", trust: 0.1, url: "https://github.com/ankh2054/linux-pentest ", }, { title: "Exploit-Shellshock", trust: 0.1, url: "https://github.com/mrigank-9594/Exploit-Shellshock ", }, { title: "w-test", trust: 0.1, url: "https://github.com/inspirion87/w-test ", }, { title: "Xpl-SHELLSHOCK-Ch3ck", trust: 0.1, url: "https://github.com/googleinurl/Xpl-SHELLSHOCK-Ch3ck ", }, { title: "bashcheck", trust: 0.1, url: "https://github.com/hannob/bashcheck ", }, { title: "shocktrooper", trust: 0.1, url: "https://github.com/EvanK/shocktrooper ", }, { title: "ShellShockHunter", trust: 0.1, url: "https://github.com/MrCl0wnLab/ShellShockHunter ", }, { title: "shellshockFixOSX", trust: 0.1, url: "https://github.com/opragel/shellshockFixOSX ", }, { title: "shellshocker-pocs", trust: 0.1, url: "https://github.com/mubix/shellshocker-pocs ", }, { title: "Boot2root-CTFs-Writeups", trust: 0.1, url: "https://github.com/Jean-Francois-C/Boot2root-CTFs ", }, { title: "Boot2root-CTFs-Writeups", trust: 0.1, url: "https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups ", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/researcher-takes-wraps-off-two-undisclosed-shellshock-vulnerabilities-in-bash/108674/", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/vmware-begins-to-patch-bash-issues-across-product-line/108632/", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/bash-exploit-reported-first-round-of-patches-incomplete/108550/", }, ], sources: [ { db: "VULMON", id: "CVE-2014-7169", }, { db: "CNNVD", id: "CNNVD-201409-956", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-78", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2014-7169", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.8, url: "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140926-bash", }, { trust: 2.8, url: "https://kc.mcafee.com/corporate/index?page=content&id=sb10085", }, { trust: 2.6, url: "https://access.redhat.com/articles/1200223", }, { trust: 2.5, url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { trust: 2.5, url: "http://support.apple.com/kb/ht6495", }, { trust: 2.5, url: "https://kb.bluecoat.com/index?page=content&id=sa82", }, { trust: 2.5, url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { trust: 2, url: "https://kb.juniper.net/infocenter/index?page=content&id=jsa10648", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021272", }, { trust: 2, url: "http://www.vmware.com/security/advisories/vmsa-2014-0010.html", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { trust: 2, url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004898", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004897", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004915", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021279", }, { trust: 2, url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096315", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { trust: 1.8, url: "http://www.kb.cert.org/vuls/id/252743", }, { trust: 1.7, url: "http://twitter.com/taviso/statuses/514887394294652929", }, { trust: 1.7, url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { trust: 1.7, url: "http://www.ubuntu.com/usn/usn-2363-1", }, { trust: 1.7, url: "http://www.us-cert.gov/ncas/alerts/ta14-268a", }, { trust: 1.7, url: "http://www.debian.org/security/2014/dsa-3035", }, { trust: 1.7, url: "http://www.ubuntu.com/usn/usn-2363-2", }, { trust: 1.7, url: "http://rhn.redhat.com/errata/rhsa-2014-1306.html", }, { trust: 1.7, url: "https://www.suse.com/support/shellshock/", }, { trust: 1.7, url: "http://support.novell.com/security/cve/cve-2014-7169.html", }, { trust: 1.7, url: "http://secunia.com/advisories/61626", }, { trust: 1.7, url: "http://secunia.com/advisories/59737", }, { trust: 1.7, url: "http://secunia.com/advisories/61641", }, { trust: 1.7, url: "http://linux.oracle.com/errata/elsa-2014-3075.html", }, { trust: 1.7, url: "http://secunia.com/advisories/61700", }, { trust: 1.7, url: "http://secunia.com/advisories/61618", }, { trust: 1.7, url: "http://linux.oracle.com/errata/elsa-2014-1306.html", }, { trust: 1.7, url: "http://linux.oracle.com/errata/elsa-2014-3077.html", }, { trust: 1.7, url: "http://secunia.com/advisories/61676", }, { trust: 1.7, url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { trust: 1.7, url: "http://secunia.com/advisories/61622", }, { trust: 1.7, url: "http://linux.oracle.com/errata/elsa-2014-3078.html", }, { trust: 1.7, url: "http://secunia.com/advisories/61479", }, { trust: 1.7, url: "http://secunia.com/advisories/61619", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { trust: 1.7, url: "http://rhn.redhat.com/errata/rhsa-2014-1311.html", }, { trust: 1.7, url: "http://rhn.redhat.com/errata/rhsa-2014-1312.html", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { trust: 1.7, url: "http://secunia.com/advisories/61485", }, { trust: 1.7, url: "http://secunia.com/advisories/59907", }, { trust: 1.7, url: "http://secunia.com/advisories/61654", }, { trust: 1.7, url: "http://packetstormsecurity.com/files/128567/ca-technologies-gnu-bash-shellshock.html", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { trust: 1.7, url: "http://secunia.com/advisories/61565", }, { trust: 1.7, url: "http://secunia.com/advisories/61643", }, { trust: 1.7, url: "http://secunia.com/advisories/61633", }, { trust: 1.7, url: "http://secunia.com/advisories/61552", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { trust: 1.7, url: "http://secunia.com/advisories/61283", }, { trust: 1.7, url: "http://secunia.com/advisories/61603", }, { trust: 1.7, url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { trust: 1.7, url: "http://secunia.com/advisories/61503", }, { trust: 1.7, url: "http://secunia.com/advisories/61711", }, { trust: 1.7, url: "http://secunia.com/advisories/61715", }, { trust: 1.7, url: "http://secunia.com/advisories/61703", }, { trust: 1.7, url: "http://seclists.org/fulldisclosure/2014/oct/0", }, { trust: 1.7, url: "http://packetstormsecurity.com/files/128517/vmware-security-advisory-2014-0010.html", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { trust: 1.7, url: "http://secunia.com/advisories/60947", }, { trust: 1.7, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { trust: 1.7, url: "https://support.apple.com/kb/ht6535", }, { trust: 1.7, url: "http://secunia.com/advisories/61188", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { trust: 1.7, url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { trust: 1.7, url: "http://secunia.com/advisories/60034", }, { trust: 1.7, url: "http://secunia.com/advisories/61816", }, { trust: 1.7, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { trust: 1.7, url: "http://secunia.com/advisories/61442", }, { trust: 1.7, url: "https://support.citrix.com/article/ctx200223", }, { trust: 1.7, url: "http://secunia.com/advisories/60055", }, { trust: 1.7, url: "http://secunia.com/advisories/61780", }, { trust: 1.7, url: "http://secunia.com/advisories/60193", }, { trust: 1.7, url: "http://secunia.com/advisories/61855", }, { trust: 1.7, url: "http://secunia.com/advisories/60325", }, { trust: 1.7, url: "http://secunia.com/advisories/61312", }, { trust: 1.7, url: "https://support.citrix.com/article/ctx200217", }, { trust: 1.7, url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004879", }, { trust: 1.7, url: "http://secunia.com/advisories/61128", }, { trust: 1.7, url: "http://secunia.com/advisories/61313", }, { trust: 1.7, url: "http://secunia.com/advisories/61287", }, { trust: 1.7, url: "http://secunia.com/advisories/61129", }, { trust: 1.7, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { trust: 1.7, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { trust: 1.7, url: "http://secunia.com/advisories/61471", }, { trust: 1.7, url: "http://secunia.com/advisories/61328", }, { trust: 1.7, url: "http://secunia.com/advisories/58200", }, { trust: 1.7, url: "http://secunia.com/advisories/61857", }, { trust: 1.7, url: "http://secunia.com/advisories/61065", }, { trust: 1.7, url: "http://secunia.com/advisories/61550", }, { trust: 1.7, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { trust: 1.7, url: "http://secunia.com/advisories/60044", }, { trust: 1.7, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { trust: 1.7, url: "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021361", }, { trust: 1.7, url: "http://secunia.com/advisories/60024", }, { trust: 1.7, url: "http://secunia.com/advisories/60063", }, { trust: 1.7, url: "http://secunia.com/advisories/61291", }, { trust: 1.7, url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk102673&src=securityalerts", }, { trust: 1.7, url: "http://secunia.com/advisories/60433", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { trust: 1.7, url: "http://jvn.jp/en/jp/jvn55667175/index.html", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { trust: 1.7, url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { trust: 1.7, url: "http://jvndb.jvn.jp/jvndb/jvndb-2014-000126", }, { trust: 1.7, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { trust: 1.7, url: "http://rhn.redhat.com/errata/rhsa-2014-1354.html", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { trust: 1.7, url: "http://secunia.com/advisories/61873", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { trust: 1.7, url: "http://secunia.com/advisories/62343", }, { trust: 1.7, url: "http://secunia.com/advisories/62312", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { trust: 1.7, url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { trust: 1.7, url: "http://advisories.mageia.org/mgasa-2014-0393.html", }, { trust: 1.7, url: "http://www.mandriva.com/security/advisories?name=mdvsa-2015:164", }, { trust: 1.7, url: "http://secunia.com/advisories/62228", }, { trust: 1.7, url: "https://access.redhat.com/node/1200223", }, { trust: 1.7, url: "http://secunia.com/advisories/59272", }, { trust: 1.7, url: "https://www.exploit-db.com/exploits/34879/", }, { trust: 1.7, url: "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c04518183", }, { trust: 1.7, url: "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-c04497075", }, { trust: 1.7, url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { trust: 1.7, url: "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes", }, { trust: 1.7, url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, { trust: 1.6, url: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-7169", }, { trust: 1.2, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/", }, { trust: 1.2, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/", }, { trust: 1.2, url: "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins", }, { trust: 1.2, url: "https://nvd.nist.gov/vuln/detail/cve-2014-6271", }, { trust: 1.1, url: "http://www.fortiguard.com/advisory/fg-ir-14-030/", }, { trust: 1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-7186", }, { trust: 1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-7187", }, { trust: 0.8, url: "http://seclists.org/oss-sec/2014/q3/650", }, { trust: 0.8, url: "http://seclists.org/oss-sec/2014/q3/688", }, { trust: 0.8, url: "http://seclists.org/oss-sec/2014/q3/685", }, { trust: 0.8, url: "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html", }, { trust: 0.8, url: "https://gist.github.com/anonymous/929d622f3b36b00c0be1", }, { trust: 0.8, url: "https://www.dfranke.us/posts/2014-09-27-shell-shock-exploitation-vectors.html", }, { trust: 0.8, url: "https://shellshocker.net/#", }, { trust: 0.8, url: "https://www.barracuda.com/support/techalerts", }, { trust: 0.8, url: "http://www.checkpoint.com/blog/protecting-shellshock/index.html", }, { trust: 0.8, url: "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10044", }, { trust: 0.8, url: "https://www.debian.org/security/2014/dsa-3032", }, { trust: 0.8, url: "http://learn.extremenetworks.com/rs/extreme/images/vn-2014-001-%20gnu%20bash%20threats%20-cve-2014-7169%20rev01.pdf", }, { trust: 0.8, url: "http://fedoramagazine.org/shellshock-update-bash-packages-that-resolve-cve-2014-6271-and-cve-2014-7169-available/", }, { trust: 0.8, url: "http://www.gentoo.org/security/en/glsa/glsa-201409-09.xml", }, { trust: 0.8, url: "http://alerts.hp.com/r?2.1.3kt.2zr.15ee22.l8mgqe..n.ghvs.8f9a.bw89mq%5f%5fdbosfqk0", }, { trust: 0.8, url: "http://kb.juniper.net/jsa10648", }, { trust: 0.8, url: "http://jpn.nec.com/security-info/av14-003.html", }, { trust: 0.8, url: "http://support.novell.com/security/cve/cve-2014-6271.html", }, { trust: 0.8, url: "https://www.suse.com/support/kb/doc.php?id=7015702", }, { trust: 0.8, url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.522193", }, { trust: 0.8, url: "http://www.ubuntu.com/usn/usn-2362-1/", }, { trust: 0.8, url: "http://kb.vmware.com/selfservice/microsites/search.do?language=en_us&cmd=displaykc&externalid=2090740", }, { trust: 0.8, url: "http://pkgsrc.se/files.php?messageid=20140925202832.9ad9c98@cvs.netbsd.org", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2014-6277", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2014-6278", }, { trust: 0.5, url: "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsea", }, { trust: 0.3, url: "http://lcamtuf.blogspot.de/2014/09/bash-bug-apply-unofficial-patch-now.html", }, { trust: 0.3, url: "http://www.gnu.org/software/bash/", }, { trust: 0.3, url: "https://lists.gnu.org/archive/html/bug-bash/2014-10/msg00040.html", }, { trust: 0.3, url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk102673", }, { trust: 0.3, url: "https://kc.mcafee.com/corporate/index?page=content&id=kb83017", }, { trust: 0.3, url: "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_bash", }, { trust: 0.3, url: "http://lcamtuf.blogspot.in/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { trust: 0.3, url: "https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_vulnerabilities_in_bash_affect_certain_qlogic_products_that_ibm_resells_for_bladecenter_and_flex_system_products_cve_2014_6271_c", }, { trust: 0.3, url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/archive/hw-372538.htm", }, { trust: 0.3, url: "http://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html?ref=rss", }, { trust: 0.3, url: "http://www.ibm.com/support/docview.wss?uid=ssg1s1004932", }, { trust: 0.3, url: "http://www.ibm.com/support/docview.wss?uid=swg21686433", }, { trust: 0.3, url: "http://www.ibm.com/support/docview.wss?uid=isg3t1021361", }, { trust: 0.3, url: "http://www.ibm.com/support/docview.wss?uid=swg21686494", }, { trust: 0.3, url: "http://www.ibm.com/support/docview.wss?uid=swg21686445", }, { trust: 0.3, url: "http://www.ibm.com/support/docview.wss?uid=ssg1s1004903", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004928", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004911", }, { trust: 0.3, url: "http://www.ibm.com/support/docview.wss?uid=swg21686479", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04497075", }, { trust: 0.3, url: "http://seclists.org/fulldisclosure/2014/oct/25", }, { trust: 0.3, url: "http://kb.juniper.net/infocenter/index?page=content&id=jsa10661&cat=sirt_1&actp=list", }, { trust: 0.3, url: "https://downloads.avaya.com/css/p8/documents/100183172", }, { trust: 0.3, url: "https://ics-cert.us-cert.gov/advisories/supplement-icsa-14-269-01", }, { trust: 0.3, url: "http://www.kb.cert.org/vuls/id/bluu-9paps5", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479398", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479402", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479601", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479505", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479492", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04475942", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04471532", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04488200", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04478866", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479536", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04540692", }, { trust: 0.3, url: "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04561445", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04471546", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04471538", }, { trust: 0.3, url: "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04497042", }, { trust: 0.3, url: "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04512907 ", }, { trust: 0.3, url: "http://seclists.org/bugtraq/2015/feb/76", }, { trust: 0.3, url: "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04558068", }, { trust: 0.3, url: "http://seclists.org/bugtraq/2015/feb/77", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04487558", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04487573", }, { trust: 0.3, url: "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04496383", }, { trust: 0.3, url: "http://www.kb.cert.org/vuls/id/bluu-9paptm", }, { trust: 0.3, url: "http://www.kb.cert.org/vuls/id/bluu-9paptz", }, { trust: 0.3, url: "https://www.xerox.com/download/security/security-bulletin/1a2e5-5116a33c2fb27/cert_security_mini-_bulletin_xrx15k_for_77xx_r15-03_v1.0.pdf", }, { trust: 0.3, url: "https://www.xerox.com/download/security/security-bulletin/2b8d8-513128526dd97/cert_security_mini-_bulletin_xrx15m_for_wc75xx_v1_1.pdf", }, { trust: 0.3, url: "https://www.xerox.com/download/security/security-bulletin/2eeef-51056e459c6d8/cert_security_mini-_bulletin_xrx15h_for_p7800_v1_0.pdf", }, { trust: 0.3, url: "https://www.xerox.com/download/security/security-bulletin/2a20e-5105457a515cc/cert_security_mini-_bulletin_xrx15e_for_wc57xx_v1_0.pdf", }, { trust: 0.3, url: "https://www.xerox.com/download/security/security-bulletin/2a901-510567b876a35/cert_security_mini-_bulletin_xrx15g_for_p6700_v1_0.pdf", }, { trust: 0.3, url: "https://www.xerox.com/download/security/security-bulletin/29a7e-50e49f9c009f9/cert_security_mini_bulletin_xrx14g_for_77xx_v1.1.pdf", }, { trust: 0.3, url: "https://www.xerox.com/download/security/security-bulletin/1a7a1-50f12e334b734/cert_security_mini-_bulletin_xrx14h_for_wc59xx_v1.pdf", }, { trust: 0.3, url: "https://www.xerox.com/download/security/security-bulletin/2df3c-51055b159fd50/cert_security_mini_bulletin_xrx15f_for_connectkey_1.5_v1-01.pdf", }, { trust: 0.3, url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-377648.htm", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004982", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004879", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685873", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=swg21686132", }, { trust: 0.3, url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096533", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=swg21686024", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686037", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=swg21685733", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686171", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=swg21686098", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685875", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020272", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=swg21685541", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004905", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685673", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=swg21685837", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687971", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685691", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004933", }, { trust: 0.3, url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096503", }, { trust: 0.3, url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004945", }, { trust: 0.3, url: "https://downloads.avaya.com/css/p8/documents/100183088", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2014-7169", }, { trust: 0.2, url: "http://www.debian.org/security/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2104-6277", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2104-6278", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/78.html", }, { trust: 0.1, url: "https://github.com/chefrycar/cookbook_shellshock", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://ics-cert.us-cert.gov/advisories/icsa-14-269-01a", }, { trust: 0.1, url: "https://www.exploit-db.com/exploits/36933/", }, { trust: 0.1, url: "http://www.debian.org/security/faq", }, { trust: 0.1, url: "http://www.hp.com/support/eslg3", }, { trust: 0.1, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-7187", }, { trust: 0.1, url: "https://rhn.redhat.com/errata/rhsa-2014-1865.html", }, { trust: 0.1, url: "https://bugzilla.redhat.com/):", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.1, url: "https://access.redhat.com/articles/11258", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-7186", }, { trust: 0.1, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.1, url: "https://access.redhat.com/security/updates/classification/#important", }, ], sources: [ { db: "CERT/CC", id: "VU#252743", }, { db: "VULMON", id: "CVE-2014-7169", }, { db: "BID", id: "70166", }, { db: "PACKETSTORM", id: "128431", }, { db: "PACKETSTORM", id: "128753", }, { db: "PACKETSTORM", id: "129069", }, { db: "PACKETSTORM", id: "129067", }, { db: "PACKETSTORM", id: "128864", }, { db: "PACKETSTORM", id: "128752", }, { db: "PACKETSTORM", id: "128666", }, { db: "PACKETSTORM", id: "129132", }, { db: "PACKETSTORM", id: "129264", }, { db: "PACKETSTORM", id: "129095", }, { db: "PACKETSTORM", id: "128545", }, { db: "PACKETSTORM", id: "128513", }, { db: "PACKETSTORM", id: "128546", }, { db: "PACKETSTORM", id: "128755", }, { db: "CNNVD", id: "CNNVD-201409-956", }, { db: "NVD", id: "CVE-2014-7169", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#252743", }, { db: "VULMON", id: "CVE-2014-7169", }, { db: "BID", id: "70166", }, { db: "PACKETSTORM", id: "128431", }, { db: "PACKETSTORM", id: "128753", }, { db: "PACKETSTORM", id: "129069", }, { db: "PACKETSTORM", id: "129067", }, { db: "PACKETSTORM", id: "128864", }, { db: "PACKETSTORM", id: "128752", }, { db: "PACKETSTORM", id: "128666", }, { db: "PACKETSTORM", id: "129132", }, { db: "PACKETSTORM", id: "129264", }, { db: "PACKETSTORM", id: "129095", }, { db: "PACKETSTORM", id: "128545", }, { db: "PACKETSTORM", id: "128513", }, { db: "PACKETSTORM", id: "128546", }, { db: "PACKETSTORM", id: "128755", }, { db: "CNNVD", id: "CNNVD-201409-956", }, { db: "NVD", id: "CVE-2014-7169", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-09-25T00:00:00", db: "CERT/CC", id: "VU#252743", }, { date: "2014-09-25T00:00:00", db: "VULMON", id: "CVE-2014-7169", }, { date: "2014-09-27T00:00:00", db: "BID", id: "70166", }, { date: "2014-09-26T14:38:27", db: "PACKETSTORM", id: "128431", }, { date: "2014-10-20T13:55:00", db: "PACKETSTORM", id: "128753", }, { date: "2014-11-12T18:13:47", db: "PACKETSTORM", id: "129069", }, { date: "2014-11-12T18:13:32", db: "PACKETSTORM", id: "129067", }, { date: "2014-10-27T23:44:00", db: "PACKETSTORM", id: "128864", }, { date: "2014-10-20T13:14:00", db: "PACKETSTORM", id: "128752", }, { date: "2014-10-14T23:07:16", db: "PACKETSTORM", id: "128666", }, { date: "2014-11-17T23:31:07", db: "PACKETSTORM", id: "129132", }, { date: "2014-11-26T15:07:58", db: "PACKETSTORM", id: "129264", }, { date: "2014-11-13T17:15:31", db: "PACKETSTORM", id: "129095", }, { date: "2014-10-03T23:31:42", db: "PACKETSTORM", id: "128545", }, { date: "2014-10-01T14:44:00", db: "PACKETSTORM", id: "128513", }, { date: "2014-10-03T23:32:04", db: "PACKETSTORM", id: "128546", }, { date: "2014-10-20T14:02:00", db: "PACKETSTORM", id: "128755", }, { date: "2014-09-26T00:00:00", db: "CNNVD", id: "CNNVD-201409-956", }, { date: "2014-09-25T01:55:04.367000", db: "NVD", id: "CVE-2014-7169", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-04-14T00:00:00", db: "CERT/CC", id: "VU#252743", }, { date: "2021-11-17T00:00:00", db: "VULMON", id: "CVE-2014-7169", }, { date: "2016-07-05T21:53:00", db: "BID", id: "70166", }, { date: "2021-11-08T00:00:00", db: "CNNVD", id: "CNNVD-201409-956", }, { date: "2024-11-21T02:16:26.753000", db: "NVD", id: "CVE-2014-7169", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "129132", }, { db: "CNNVD", id: "CNNVD-201409-956", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "GNU Bash shell executes commands in exported functions in environment variables", sources: [ { db: "CERT/CC", id: "VU#252743", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "operating system commend injection", sources: [ { db: "CNNVD", id: "CNNVD-201409-956", }, ], trust: 0.6, }, }
gsd-2014-7169
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
Aliases
Aliases
{ GSD: { alias: "CVE-2014-7169", description: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", id: "GSD-2014-7169", references: [ "https://www.suse.com/security/cve/CVE-2014-7169.html", "https://www.debian.org/security/2014/dsa-3035", "https://access.redhat.com/errata/RHSA-2014:1865", "https://access.redhat.com/errata/RHSA-2014:1354", "https://access.redhat.com/errata/RHSA-2014:1312", "https://access.redhat.com/errata/RHSA-2014:1311", "https://access.redhat.com/errata/RHSA-2014:1306", "https://ubuntu.com/security/CVE-2014-7169", "https://advisories.mageia.org/CVE-2014-7169.html", "https://alas.aws.amazon.com/cve/html/CVE-2014-7169.html", "https://linux.oracle.com/cve/CVE-2014-7169.html", "https://packetstormsecurity.com/files/cve/CVE-2014-7169", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2014-7169", ], details: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", id: "GSD-2014-7169", modified: "2023-12-13T01:22:47.544362Z", schema_version: "1.4.0", }, }, namespaces: { "cisa.gov": { cveID: "CVE-2014-7169", dateAdded: "2022-01-28", dueDate: "2022-07-28", product: "Bourne-Again Shell (Bash)", requiredAction: "Apply updates per vendor instructions.", shortDescription: "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.", vendorProject: "GNU", vulnerabilityName: "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability", }, "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-7169", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { name: "HPSBMU03165", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "HPSBHF03119", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { name: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", refsource: "CONFIRM", url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "HPSBST03131", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "SSRT101819", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "HPSBMU03245", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "openSUSE-SU-2014:1229", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "61188", refsource: "SECUNIA", url: "http://secunia.com/advisories/61188", }, { name: "JVN#55667175", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "61676", refsource: "SECUNIA", url: "http://secunia.com/advisories/61676", }, { name: "openSUSE-SU-2014:1254", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "60433", refsource: "SECUNIA", url: "http://secunia.com/advisories/60433", }, { name: "HPSBMU03143", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "RHSA-2014:1306", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { name: "HPSBST03155", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "61715", refsource: "SECUNIA", url: "http://secunia.com/advisories/61715", }, { name: "USN-2363-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2363-2", }, { name: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", refsource: "SECUNIA", url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", refsource: "SECUNIA", url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "HPSBST03195", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "61283", refsource: "SECUNIA", url: "http://secunia.com/advisories/61283", }, { name: "SSRT101711", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "openSUSE-SU-2014:1308", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "61654", refsource: "SECUNIA", url: "http://secunia.com/advisories/61654", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015701", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", refsource: "SECUNIA", url: "http://secunia.com/advisories/62312", }, { name: "59272", refsource: "SECUNIA", url: "http://secunia.com/advisories/59272", }, { name: "HPSBST03122", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { name: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", refsource: "CONFIRM", url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "RHSA-2014:1312", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "USN-2363-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2363-1", }, { name: "SSRT101868", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", refsource: "SECUNIA", url: "http://secunia.com/advisories/61703", }, { name: "http://support.apple.com/kb/HT6495", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT6495", }, { name: "VU#252743", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "61065", refsource: "SECUNIA", url: "http://secunia.com/advisories/61065", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3075.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { name: "HPSBST03129", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { name: "http://support.novell.com/security/cve/CVE-2014-7169.html", refsource: "CONFIRM", url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "JVNDB-2014-000126", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "TA14-268A", refsource: "CERT", url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "61641", refsource: "SECUNIA", url: "http://secunia.com/advisories/61641", }, { name: "SUSE-SU-2014:1247", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { name: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", refsource: "CONFIRM", url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { name: "https://access.redhat.com/node/1200223", refsource: "CONFIRM", url: "https://access.redhat.com/node/1200223", }, { name: "SUSE-SU-2014:1287", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "APPLE-SA-2014-10-16-1", refsource: "APPLE", url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "MDVSA-2015:164", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "61619", refsource: "SECUNIA", url: "http://secunia.com/advisories/61619", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3078.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "HPSBMU03220", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", refsource: "SECUNIA", url: "http://secunia.com/advisories/60325", }, { name: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", refsource: "CONFIRM", url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "60024", refsource: "SECUNIA", url: "http://secunia.com/advisories/60024", }, { name: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "34879", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/34879/", }, { name: "61622", refsource: "SECUNIA", url: "http://secunia.com/advisories/61622", }, { name: "https://access.redhat.com/articles/1200223", refsource: "CONFIRM", url: "https://access.redhat.com/articles/1200223", }, { name: "62343", refsource: "SECUNIA", url: "http://secunia.com/advisories/62343", }, { name: "http://advisories.mageia.org/MGASA-2014-0393.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { name: "61565", refsource: "SECUNIA", url: "http://secunia.com/advisories/61565", }, { name: "https://www.suse.com/support/shellshock/", refsource: "CONFIRM", url: "https://www.suse.com/support/shellshock/", }, { name: "HPSBST03157", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", refsource: "SECUNIA", url: "http://secunia.com/advisories/61313", }, { name: "SSRT101742", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61873", refsource: "SECUNIA", url: "http://secunia.com/advisories/61873", }, { name: "61485", refsource: "SECUNIA", url: "http://secunia.com/advisories/61485", }, { name: "openSUSE-SU-2014:1242", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { name: "61618", refsource: "SECUNIA", url: "http://secunia.com/advisories/61618", }, { name: "60947", refsource: "SECUNIA", url: "http://secunia.com/advisories/60947", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { name: "https://support.apple.com/kb/HT6535", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT6535", }, { name: "HPSBST03154", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", refsource: "SECUNIA", url: "http://secunia.com/advisories/61312", }, { name: "60193", refsource: "SECUNIA", url: "http://secunia.com/advisories/60193", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "61479", refsource: "SECUNIA", url: "http://secunia.com/advisories/61479", }, { name: "60063", refsource: "SECUNIA", url: "http://secunia.com/advisories/60063", }, { name: "60034", refsource: "SECUNIA", url: "http://secunia.com/advisories/60034", }, { name: "HPSBMU03133", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { name: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", refsource: "MISC", url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "59907", refsource: "SECUNIA", url: "http://secunia.com/advisories/59907", }, { name: "58200", refsource: "SECUNIA", url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", refsource: "SECUNIA", url: "http://secunia.com/advisories/61643", }, { name: "http://twitter.com/taviso/statuses/514887394294652929", refsource: "MISC", url: "http://twitter.com/taviso/statuses/514887394294652929", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015721", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", refsource: "SECUNIA", url: "http://secunia.com/advisories/61503", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "RHSA-2014:1354", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "HPSBGN03117", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "HPSBHF03145", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { name: "http://www.qnap.com/i/en/support/con_show.php?cid=61", refsource: "CONFIRM", url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBST03148", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "61552", refsource: "SECUNIA", url: "http://secunia.com/advisories/61552", }, { name: "61780", refsource: "SECUNIA", url: "http://secunia.com/advisories/61780", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { name: "https://support.citrix.com/article/CTX200223", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX200223", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3077.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "62228", refsource: "SECUNIA", url: "http://secunia.com/advisories/62228", }, { name: "HPSBGN03138", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "61855", refsource: "SECUNIA", url: "http://secunia.com/advisories/61855", }, { name: "HPSBHF03124", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "60044", refsource: "SECUNIA", url: "http://secunia.com/advisories/60044", }, { name: "61291", refsource: "SECUNIA", url: "http://secunia.com/advisories/61291", }, { name: "HPSBHF03125", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "59737", refsource: "SECUNIA", url: "http://secunia.com/advisories/59737", }, { name: "61287", refsource: "SECUNIA", url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101739", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61711", refsource: "SECUNIA", url: "http://secunia.com/advisories/61711", }, { name: "HPSBOV03228", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "HPSBGN03141", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "RHSA-2014:1311", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { name: "61128", refsource: "SECUNIA", url: "http://secunia.com/advisories/61128", }, { name: "DSA-3035", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-3035", }, { name: "https://support.citrix.com/article/CTX200217", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", refsource: "SECUNIA", url: "http://secunia.com/advisories/61471", }, { name: "60055", refsource: "SECUNIA", url: "http://secunia.com/advisories/60055", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "61550", refsource: "SECUNIA", url: "http://secunia.com/advisories/61550", }, { name: "61633", refsource: "SECUNIA", url: "http://secunia.com/advisories/61633", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { name: "http://linux.oracle.com/errata/ELSA-2014-1306.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA82", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "SUSE-SU-2014:1259", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { name: "61328", refsource: "SECUNIA", url: "http://secunia.com/advisories/61328", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61129", refsource: "SECUNIA", url: "http://secunia.com/advisories/61129", }, { name: "61700", refsource: "SECUNIA", url: "http://secunia.com/advisories/61700", }, { name: "61626", refsource: "SECUNIA", url: "http://secunia.com/advisories/61626", }, { name: "61603", refsource: "SECUNIA", url: "http://secunia.com/advisories/61603", }, { name: "61857", refsource: "SECUNIA", url: "http://secunia.com/advisories/61857", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", refsource: "MISC", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:gnu:bash:1.14.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:1.14.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:2.01:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:2.05:b:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:4.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:4.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:1.14.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:1.14.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:2.01.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:2.02:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:3.0.16:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:1.14.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:1.14.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:2.02.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:2.03:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:2.04:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:3.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:3.2.48:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:1.14.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:1.14.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:2.05:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:2.05:a:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:gnu:bash:4.0:rc1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-7169", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "http://twitter.com/taviso/statuses/514887394294652929", refsource: "MISC", tags: [], url: "http://twitter.com/taviso/statuses/514887394294652929", }, { name: "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", refsource: "MLIST", tags: [], url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { name: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", refsource: "MISC", tags: [], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "USN-2363-1", refsource: "UBUNTU", tags: [], url: "http://www.ubuntu.com/usn/USN-2363-1", }, { name: "TA14-268A", refsource: "CERT", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", refsource: "CISCO", tags: [], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "DSA-3035", refsource: "DEBIAN", tags: [], url: "http://www.debian.org/security/2014/dsa-3035", }, { name: "VU#252743", refsource: "CERT-VN", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "USN-2363-2", refsource: "UBUNTU", tags: [], url: "http://www.ubuntu.com/usn/USN-2363-2", }, { name: "RHSA-2014:1306", refsource: "REDHAT", tags: [], url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { name: "https://www.suse.com/support/shellshock/", refsource: "CONFIRM", tags: [], url: "https://www.suse.com/support/shellshock/", }, { name: "http://support.novell.com/security/cve/CVE-2014-7169.html", refsource: "CONFIRM", tags: [], url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA82", refsource: "CONFIRM", tags: [], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "http://support.apple.com/kb/HT6495", refsource: "CONFIRM", tags: [], url: "http://support.apple.com/kb/HT6495", }, { name: "61626", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61626", }, { name: "59737", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/59737", }, { name: "61641", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61641", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3075.html", refsource: "CONFIRM", tags: [], url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { name: "61700", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61700", }, { name: "61618", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61618", }, { name: "http://linux.oracle.com/errata/ELSA-2014-1306.html", refsource: "CONFIRM", tags: [], url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3077.html", refsource: "CONFIRM", tags: [], url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { name: "61676", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61676", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015701", refsource: "CONFIRM", tags: [], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { name: "61622", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61622", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3078.html", refsource: "CONFIRM", tags: [], url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { name: "61479", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61479", }, { name: "61619", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61619", }, { name: "SUSE-SU-2014:1247", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { name: "RHSA-2014:1311", refsource: "REDHAT", tags: [], url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { name: "RHSA-2014:1312", refsource: "REDHAT", tags: [], url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { name: "HPSBGN03117", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { name: "openSUSE-SU-2014:1242", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { name: "openSUSE-SU-2014:1229", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { name: "HPSBHF03119", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { name: "openSUSE-SU-2014:1254", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "SUSE-SU-2014:1259", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { name: "61485", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61485", }, { name: "59907", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/59907", }, { name: "61654", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61654", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", refsource: "MISC", tags: [], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "HPSBHF03124", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "61565", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61565", }, { name: "61643", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61643", }, { name: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", refsource: "CONFIRM", tags: [], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { name: "61633", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61633", }, { name: "61552", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61552", }, { name: "HPSBST03122", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { name: "61283", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61283", }, { name: "61603", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61603", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", refsource: "CONFIRM", tags: [], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015721", refsource: "CONFIRM", tags: [], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { name: "61503", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61503", }, { name: "61711", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61711", }, { name: "61715", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61715", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "61703", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61703", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", refsource: "FULLDISC", tags: [], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", refsource: "MISC", tags: [], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", refsource: "CONFIRM", tags: [], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "SUSE-SU-2014:1287", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { name: "60947", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/60947", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { name: "https://support.apple.com/kb/HT6535", refsource: "CONFIRM", tags: [], url: "https://support.apple.com/kb/HT6535", }, { name: "61188", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61188", }, { name: "HPSBHF03125", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "APPLE-SA-2014-10-16-1", refsource: "APPLE", tags: [], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { name: "HPSBMU03133", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { name: "HPSBGN03138", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "60034", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/60034", }, { name: "61816", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61816", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61442", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61442", }, { name: "https://support.citrix.com/article/CTX200223", refsource: "CONFIRM", tags: [], url: "https://support.citrix.com/article/CTX200223", }, { name: "60055", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/60055", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { name: "61780", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61780", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "60193", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/60193", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "61855", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61855", }, { name: "60325", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/60325", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "61312", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61312", }, { name: "https://support.citrix.com/article/CTX200217", refsource: "CONFIRM", tags: [], url: "https://support.citrix.com/article/CTX200217", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { name: "61128", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61128", }, { name: "61313", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61313", }, { name: "61287", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61287", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { name: "61129", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61129", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", refsource: "CONFIRM", tags: [], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", refsource: "CONFIRM", tags: [], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "61471", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61471", }, { name: "61328", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61328", }, { name: "58200", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/58200", }, { name: "61857", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61857", }, { name: "61065", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61065", }, { name: "61550", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61550", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { name: "60044", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/60044", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "60024", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/60024", }, { name: "60063", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/60063", }, { name: "61291", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61291", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", refsource: "CONFIRM", tags: [], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "60433", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/60433", }, { name: "HPSBGN03142", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "openSUSE-SU-2014:1310", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "JVN#55667175", refsource: "JVN", tags: [], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "HPSBST03131", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "http://www.qnap.com/i/en/support/con_show.php?cid=61", refsource: "CONFIRM", tags: [], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBMU03143", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "openSUSE-SU-2014:1308", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "HPSBST03129", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBHF03146", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03141", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "HPSBST03157", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "HPSBMU03144", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { name: "JVNDB-2014-000126", refsource: "JVNDB", tags: [], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", refsource: "CONFIRM", tags: [], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "RHSA-2014:1354", refsource: "REDHAT", tags: [], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "HPSBHF03145", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { name: "61873", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/61873", }, { name: "HPSBST03181", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "HPSBST03155", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { name: "HPSBST03154", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { name: "HPSBMU03165", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "HPSBMU03182", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "HPSBST03148", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "62343", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/62343", }, { name: "62312", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/62312", }, { name: "HPSBMU03245", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "HPSBMU03246", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "SSRT101711", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "HPSBMU03217", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "SSRT101868", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101819", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "HPSBST03195", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "http://advisories.mageia.org/MGASA-2014-0393.html", refsource: "CONFIRM", tags: [], url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { name: "MDVSA-2015:164", refsource: "MANDRIVA", tags: [], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "https://access.redhat.com/articles/1200223", refsource: "CONFIRM", tags: [], url: "https://access.redhat.com/articles/1200223", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", refsource: "CONFIRM", tags: [], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "62228", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/62228", }, { name: "https://access.redhat.com/node/1200223", refsource: "CONFIRM", tags: [], url: "https://access.redhat.com/node/1200223", }, { name: "59272", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/59272", }, { name: "34879", refsource: "EXPLOIT-DB", tags: [], url: "https://www.exploit-db.com/exploits/34879/", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", refsource: "CONFIRM", tags: [], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", refsource: "CONFIRM", tags: [], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", refsource: "BUGTRAQ", tags: [], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", refsource: "CONFIRM", tags: [], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", refsource: "MISC", tags: [], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", userInteractionRequired: false, }, }, lastModifiedDate: "2021-11-17T22:15Z", publishedDate: "2014-09-25T01:55Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.