Vulnerability Name:

CVE-2012-6711 (CCN-170873)

Assigned: 2019-06-17
Published: 2019-06-17
Updated: 2019-06-20
Summary: A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().
CVSS v3 Severity: 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
8.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-119
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2012-6711

Source: MISC
Type: Mailing List, Patch, Third Party Advisory
http://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=863d31ae775d56b785dc5b0105b6d251515d81d5

Source: BID
Type: UNKNOWN
108824

Source: CCN
Type: Red Hat Bugzilla – Bug 1721071
(CVE-2012-6711) - CVE-2012-6711 bash: heap-based buffer overflow during echo of unsupported characters

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1721071

Source: XF
Type: UNKNOWN
gnu-bash-cve20126711-bo(170873)

Source: CONFIRM
Type: UNKNOWN
https://support.f5.com/csp/article/K05122252

Source: CONFIRM
Type: UNKNOWN
https://support.f5.com/csp/article/K05122252?utm_source=f5support&utm_medium=RSS

Source: UBUNTU
Type: UNKNOWN
USN-4180-1

Source: CCN
Type: GNU Web site
Bash

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2012-6711

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:gnu:bash:*:*:*:*:*:*:*:* (Version >= 4.2 and <= 4.3)

Configuration 2:
  • cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:gnu:bash:4.2:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20126711 | V | CVE-2012-6711 | 2022-09-02
oval:org.opensuse.security:def:42420 | P | Security update for logrotate (Important) | 2022-07-25
oval:org.opensuse.security:def:42323 | P | Security update for gpg2 (Important) | 2022-07-25
oval:org.opensuse.security:def:42375 | P | Security update for xen (Moderate) | 2022-05-03
oval:org.opensuse.security:def:42259 | P | Security update for kernel-firmware (Important) | 2022-03-31
oval:org.opensuse.security:def:41548 | P | Security update for log4j (Important) | 2021-12-17
oval:org.opensuse.security:def:55981 | P | Security update for the Linux Kernel (Important) | 2021-12-06
oval:org.opensuse.security:def:55980 | P | Security update for webkit2gtk3 (Important) | 2021-12-01
oval:org.opensuse.security:def:57111 | P | Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important) | 2021-10-18
oval:org.opensuse.security:def:57504 | P | Security update for gtk-vnc (Moderate) | 2021-09-16
oval:org.opensuse.security:def:58002 | P | Security update for libesmtp (Important) | 2021-09-02
oval:org.opensuse.security:def:15449 | P | libxcb-dri2-0-1.10-3.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:15665 | P | libtasn1-devel-3.7-2.13 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:42083 | P | Security update for the Linux Kernel (Important) | 2021-06-08
oval:org.opensuse.security:def:15740 | P | finch-devel-2.10.9-8.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:15353 | P | libXt6-1.1.4-3.57 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:15544 | P | aaa_base-malloccheck-13.2+git20140911.61c1681-1.16 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:15713 | P | ImageMagick-6.8.8.1-8.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:15500 | P | ruby-2.1-1.4 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:16378 | P | xorg-x11-server-sdk-7.6_1.18.3-71.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:15379 | P | libgssglue1-0.4-3.76 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:15638 | P | libmodplug-devel-0.8.8.4-13.69 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:15724 | P | bind-devel-9.9.6P1-30.2 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:15520 | P | update-alternatives-1.18.4-14.216 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:16401 | P | binutils-devel-2.31-9.26.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:15345 | P | libXext6-1.3.2-3.60 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:42500 | P | bind-9.9.6P1-0.5.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:20257 | P | Security update for the Linux Kernel (Important) | 2021-05-13
oval:org.opensuse.security:def:56003 | P | Security update for spamassassin (Important) | 2021-04-12
oval:org.opensuse.security:def:20327 | P | Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP4) (Important) | 2021-03-17
oval:org.opensuse.security:def:20989 | P | Security update for php74 (Important) | 2021-02-19
oval:org.opensuse.security:def:20315 | P | Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP4) (Important) | 2021-02-10
oval:org.opensuse.security:def:57385 | P | Security update for xen (Important) | 2020-12-07
oval:org.opensuse.security:def:42449 | P | systemtap-1.5-0.9.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:41981 | P | krb5-1.6.3-133.27.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:57311 | P | Security update for cpio | 2020-12-01
oval:org.opensuse.security:def:41559 | P | Security update for xerces-c (Moderate) | 2020-12-01
oval:org.opensuse.security:def:40470 | P | Security update for python (Important) | 2020-12-01
oval:org.opensuse.security:def:20074 | P | Security update for the Linux Kernel (Live Patch 28 for SLE 12) (Important) | 2020-12-01
oval:org.opensuse.security:def:56381 | P | Security update for shadow (Moderate) | 2020-12-01
oval:org.opensuse.security:def:39064 | P | typelib-1_0-EvinceDocument-3_0 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:57219 | P | Security update for glibc | 2020-12-01
oval:org.opensuse.security:def:39612 | P | Security update for libcares2 (Low) | 2020-12-01
oval:org.opensuse.security:def:21015 | P | Security update for bash (Important) | 2020-12-01
oval:org.opensuse.security:def:19853 | P | Security update for gcc48 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:41912 | P | Security update for xorg-x11-server (Important) | 2020-12-01
oval:org.opensuse.security:def:39787 | P | Security update for gstreamer-plugins-bad (Low) | 2020-12-01
oval:org.opensuse.security:def:19982 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:38969 | P | libmysqlclient_r18 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56826 | P | Security update for libcroco (Moderate) | 2020-12-01
oval:org.opensuse.security:def:43138 | P | Security update for polkit (Important) | 2020-12-01
oval:org.opensuse.security:def:39362 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:20351 | P | Security update for ghostscript (Moderate) | 2020-12-01
oval:org.opensuse.security:def:41651 | P | Security update for dbus-1 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:39720 | P | Security update for poppler (Moderate) | 2020-12-01
oval:org.opensuse.security:def:19861 | P | Security update for dracut (Moderate) | 2020-12-01
oval:org.opensuse.security:def:40512 | P | Security update for bash (Important) | 2020-12-01
oval:org.opensuse.security:def:38968 | P | libmikmod3 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:20112 | P | Security update for the Linux Kernel (Live Patch 38 for SLE 12) (Important) | 2020-12-01
oval:org.opensuse.security:def:56554 | P | Security update for mutt (Important) | 2020-12-01
oval:org.opensuse.security:def:39201 | P | libpcap1-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:39671 | P | Security update for freeradius-server (Moderate) | 2020-12-01
oval:org.opensuse.security:def:39832 | P | Security update for ImageMagick (Moderate) | 2020-12-01
oval:org.opensuse.security:def:20040 | P | Security update for the Linux Kernel (Live Patch 19 for SLE 12) (Important) | 2020-12-01
oval:org.opensuse.security:def:56143 | P | Security update for ncurses (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38980 | P | libtag1-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:43183 | P | Security update for bash (Important) | 2020-12-01
oval:org.opensuse.security:def:41547 | P | Security update for mailman (Important) | 2020-12-01
oval:org.opensuse.security:def:39452 | P | Security update for php5 (Important) | 2020-12-01
oval:org.opensuse.security:def:57423 | P | Security update for pulseaudio | 2020-12-01
oval:org.opensuse.security:def:41803 | P | Security update for xscreensaver (Moderate) | 2020-12-01
oval:org.opensuse.security:def:39759 | P | Security update for ppp (Moderate) | 2020-12-01
oval:org.opensuse.security:def:19896 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:20224 | P | Security update for the Linux Kernel (Live Patch 35 for SLE 12) (Important) | 2020-12-01
oval:org.opensuse.security:def:56660 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:39304 | P | Security update for compat-openssl098 (Moderate) | 2020-12-01
oval:com.ubuntu.bionic:def:201267110000000 | V | CVE-2012-6711 on Ubuntu 18.04 LTS (bionic) - medium. | 2019-06-18
oval:com.ubuntu.xenial:def:201267110000000 | V | CVE-2012-6711 on Ubuntu 16.04 LTS (xenial) - medium. | 2019-06-18
    gnu bash *
    redhat enterprise linux 7.0
    gnu bash 4.2