Solaris 9 (x86) : 149080-02

critical Nessus Plugin ID 78113

Synopsis

The remote host is missing Sun Security Patch number 149080-02

Description

SunOS 5.9_x86: bash patch.
Date this patch was last updated by Sun : Sep/30/14

Solution

You should install this patch for your system to be up-to-date.

See Also

https://getupdates.oracle.com/readme/149080-02

http://seclists.org/oss-sec/2014/q3/650

http://www.nessus.org/u?dacf7829

https://www.invisiblethreat.ca/2014/09/cve-2014-6271/

https://blogs.oracle.com/patch/entry/solaris_idrs_available_on_mos

Plugin Details

Severity: Critical

ID: 78113

File Name: solaris9_x86_149080.nasl

Version: 1.12

Type: local

Published: 10/9/2014

Updated: 12/5/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.5

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:sun:solaris

Required KB Items: Host/local_checks_enabled, Host/Solaris/showrev

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/30/2014

CISA Known Exploited Vulnerability Due Dates: 7/28/2022

Exploitable With

Core Impact

Metasploit (Apache mod_cgi Bash Environment Variable Code Injection (Shellshock))

Reference Information

CVE: CVE-2014-6271, CVE-2014-7169

BID: 70103, 70137

CERT: 252743

IAVA: 2014-A-0142