aaa_base security update
shell meta characters in file names could cause interactive
shells to execute arbitrary commands when performing tab
expansion (CVE-2011-0468).
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 4171
Fixed bugs
bnc#678827
VUL-0: bash: unintended code exec on pressing tab
CVE#CVE-2011-0468
The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab expansion.
