CVE-2012-3410

Published: Aug 27, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20120712 Re: CVE Request: Overflow fix in bash 4.2 patch 33

mailing-list

x_refsource_MLIST

MDVSA-2012:128

vendor-advisory

x_refsource_MANDRIVA

bash-devfd-bo(77551)

vdb-entry

x_refsource_XF

openSUSE-SU-2012:0898

vendor-advisory

x_refsource_SUSE

51086

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20120711 CVE Request: Overflow fix in bash 4.2 patch 33

mailing-list

x_refsource_MLIST

54937

vdb-entry

x_refsource_BID

GLSA-201210-05

vendor-advisory

x_refsource_GENTOO

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278

x_refsource_MISC

[oss-security] 20120712 Re: CVE Request: Overflow fix in bash 4.2 patch 33

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-3410

Description

Affected Products

References