The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in the 'hostname' of a machine.
Synopsis
Moderate: bash security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for bash is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base sco ...
popd controlled free: A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash, resulting in a local denial of service limited to a specific bash session. (CVE-2016-9401)
Arbitrary code execution via malicious hostname: An arbitrary command injection flaw was found in the way bash ...
An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances ...
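A defensive check for the hostname issue described above, as an added example that is not part of the advisory text: a POSIX shell function that accepts only RFC 1123 style names, so a value offered by a DHCP server can be rejected before it is applied as the hostname. The function name `hostname_is_safe` and the sample values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): accept only plain RFC 1123 hostnames.
# hostname_is_safe is a hypothetical helper name.
# Returns 0 if NAME is letters, digits, hyphens and dots in valid label form.
hostname_is_safe() {
    hs_name=$1
    # Reject anything outside the allowed set. Characters are listed one by
    # one rather than as ranges so the match does not depend on the locale.
    case $hs_name in
        *[!abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-]*)
            return 1 ;;
    esac
    # Only ASCII remains, so ${#hs_name} is also the length in bytes.
    [ -n "$hs_name" ] || return 1
    [ "${#hs_name}" -le 253 ] || return 1
    # No empty labels: no leading dot, trailing dot, or doubled dot.
    case $hs_name in
        .*|*.|*..*) return 1 ;;
    esac
    # Each label: at most 63 characters, no leading or trailing hyphen.
    hs_rest=$hs_name
    while [ -n "$hs_rest" ]; do
        hs_label=${hs_rest%%.*}
        case $hs_rest in
            *.*) hs_rest=${hs_rest#*.} ;;
            *)   hs_rest= ;;
        esac
        [ "${#hs_label}" -le 63 ] || return 1
        case $hs_label in
            -*|*-) return 1 ;;
        esac
    done
    return 0
}

# Constructed sample values, as a DHCP client hook might receive them.
for hs_sample in 'web01.example.com' 'lab$(true)' 'a;b' '-edge.example'; do
    if hostname_is_safe "$hs_sample"; then
        printf 'accept  %s\n' "$hs_sample"
    else
        printf 'reject  %s\n' "$hs_sample"
    fi
done
```

Validation of this kind complements the bash update and does not replace it, since the flaw is in how bash expands '\h'.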