[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[upki-fed:00856] Bash$B$N@H

$B3F0L(B

$B!!9qN)>pJs3X8&5f=j!&3XG';vL36I$G$9!#(B
$BJ?AG$h$j3XG'$N;v6H$K$46(NO$r;r$j!$$"$j$,$H$&$4$6$$$^$9!#(B

$B!!(BBash$B$K4X$9$k@H$C$F9=C[$7$?(BIdP/SP$B<+?H$,(BBash$B$r8F$S=P$9$3$H$O$"$j$^$;(B
$B$s$,!$F15o$7$F$$$k(BWeb$B%"%W%j%1!<%7%g%s$dB>$N(BCGI$B%9%/%j%W%HEy$rG[CV$7$F$$(B
$B$k>l9g$KK\@HJ}$,=$(B
$B@5$5$l$?%Q%C%1!<%8$G$9!#(B

$B!&(BCentOS 5
  bash-3.2-33.el5_10.4  $B$*$h$S$=$l0J9_$N%P!<%8%g%s(B

$B!&(BCentOS 6
  bash-4.1.2-15.el6_5.2 $B$*$h$S$=$l0J9_$N%P!<%8%g%s(B

$B$=$NB>$N%G%#%9%H%j%S%e!<%7%g%s$r$4MxMQ$NJ}$O!$3F%G%#%9%H%j%S%e!<%?$N>p(B
$BJs$r$4;2>H$/$@$5$$!#(B


$B;29M>pJs!'(B

$B!&(BBash Code Injection Vulnerability via Specially Crafted Environment
  Variables (CVE-2014-6271, CVE-2014-7169)
  https://access.redhat.com/articles/1200223

$B!&(BCVE-2014-6271 bash: specially-crafted environment variables can be
  used to inject shell commands
  https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6271

$B!&(BCVE-2014-7169 bash: code execution via specially-crafted environment
  (Incomplete fix for CVE-2014-6271)
  https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-7169

$B!&(BCVE-2014-6271
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

$B!&(BCVE-2014-7169
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169



-- 
=========================================================
$B!!9qN)>pJs3X8&5f=j(B $B3X=Q4pHW2](B $B3XG';vL36I!!!JC4Ev!'LnED!K(B
$B!!(BTEL$B!'(B03-4212-2218$B!!(xxxxxxxxxxxxxxx@xxxxxxxxx
$B!!3XG'(BWeb$B%Z!<%8(B  https://www.gakunin.jp/
$B!!?=@A%7%9%F%`(B   https://office.gakunin.nii.ac.jp/
=========================================================