CVE-2016-0634
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-0634
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0634.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-0634
- Related
- Published
- 2017-08-28T15:29:01Z
- Modified
- 2024-08-01T07:31:33.230971Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.
- References
-
- http://rhn.redhat.com/errata/RHSA-2017-0725.html
- http://www.securityfocus.com/bid/92999
- https://access.redhat.com/errata/RHSA-2017:1931
- https://bugzilla.redhat.com/show_bug.cgi?id=1377613
- https://security.gentoo.org/glsa/201612-39
- http://www.openwall.com/lists/oss-security/2016/09/16/12
- http://www.openwall.com/lists/oss-security/2016/09/16/8
- http://www.openwall.com/lists/oss-security/2016/09/18/11
- http://www.openwall.com/lists/oss-security/2016/09/19/7
- http://www.openwall.com/lists/oss-security/2016/09/20/1
- http://www.openwall.com/lists/oss-security/2016/09/27/9
- http://www.openwall.com/lists/oss-security/2016/09/29/27
- http://www.openwall.com/lists/oss-security/2016/10/07/6
- http://www.openwall.com/lists/oss-security/2016/10/10/3
- http://www.openwall.com/lists/oss-security/2016/10/10/4
- https://security.alpinelinux.org/vuln/CVE-2016-0634
- https://security-tracker.debian.org/tracker/CVE-2016-0634
Affected packages
Alpine:v3.10 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.11 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.12 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.13 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.14 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.15 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.16 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.17 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.18 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.19 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.20 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.7 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.8 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Alpine:v3.9 / bash
Package
- Name
- bash
- Purl
- pkg:apk/alpine/bash?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.12-r1
Affected versions
4.*
4.0.035-r0
4.1.002-r0
4.1.005-r0
4.1.005-r1
4.1.007-r0
4.1.009-r0
4.1.009-r1
4.2.008-r0
4.2.010-r0
4.2.020-r0
4.2.024-r0
4.2.028-r0
4.2.029-r0
4.2.036-r0
4.2.037-r0
4.2.039-r0
4.2.042-r0
4.2.045-r0
4.2.045-r1
4.3-r1
4.3.011-r1
4.3.011-r2
4.3.018-r2
4.3.025-r0
4.3.025-r1
4.3.026-r1
4.3.27-r0
4.3.28-r0
4.3.29-r0
4.3.30-r0
4.3.33-r0
4.3.33-r1
4.3.42-r0
4.3.42-r1
4.3.42-r2
4.3.42-r3
4.3.46-r3
4.3.46-r4
4.3.48-r0
4.3.48-r1
4.3.48-r2
4.4.12-r0
Debian:11 / bash
Package
- Name
- bash
- Purl
- pkg:deb/debian/bash?arch=source
Debian:12 / bash
Package
- Name
- bash
- Purl
- pkg:deb/debian/bash?arch=source
Debian:13 / bash
Package
- Name
- bash
- Purl
- pkg:deb/debian/bash?arch=source