Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-6711

Опубликовано: 18 июн. 2019
Источник: redhat
CVSS3: 7
EPSS Низкий

Описание

A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().

Отчет

Impact set to Moderate as the flaw requires the usage of echo -e built-in function with a string controlled by the attacker. Abusing this flaw would allow an attacker to, at most, execute code with the privileges of the bash process, which could be used e.g. to escape a restricted shell in case of a local attacker scenario or remotely execute code in case of a bash script that accepts untrusted input from the network. However we do not recommend to use bash scripts to handle untrusted data from the network.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5bashNot affected
Red Hat Enterprise Linux 6bashNot affected
Red Hat Enterprise Linux 7bashWill not fix
Red Hat Enterprise Linux 8bashNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1721071bash: heap-based buffer overflow during echo of unsupported characters

EPSS

Процентиль: 34%
0.00139
Низкий

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2012-6711

CVSS3: 7
ubuntu
больше 6 лет назад

A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().

nvd логотип

CVE-2012-6711

CVSS3: 7
nvd
больше 6 лет назад

A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().

debian логотип

CVE-2012-6711

CVSS3: 7
debian
больше 6 лет назад

A heap-based buffer overflow exists in GNU Bash before 4.3 when wide c ...

suse-cvrf логотип

SUSE-SU-2019:2976-1

suse-cvrf
около 6 лет назад

Security update for bash

github логотип

GHSA-rwf6-27gf-7q62

CVSS3: 7.8
github
почти 4 года назад

A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().

EPSS

Процентиль: 34%
0.00139
Низкий

7 High

CVSS3