Veracode Vulnerability DatabaseVERACODE:11431Remote Code Execution (RCE)
0.976 High
EPSS
Percentile
100.0%
bash is vulnerable to remote code execution (RCE) attacks. The vulnerability exists as GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka “ShellShock.” NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
References
advisories.mageia.org/MGASA-2014-0388.html
archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
jvn.jp/en/jp/JVN55667175/index.html
jvndb.jvn.jp/jvndb/JVNDB-2014-000126
kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html
linux.oracle.com/errata/ELSA-2014-1293.html
linux.oracle.com/errata/ELSA-2014-1294.html
lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html
lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html
lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html
lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html
lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html
lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html
lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html
lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html
lists.opensuse.org/opensuse-updates/2014-10/msg00023.html
lists.opensuse.org/opensuse-updates/2014-10/msg00025.html
marc.info/?l=bugtraq&m=141216207813411&w=2
marc.info/?l=bugtraq&m=141216668515282&w=2
marc.info/?l=bugtraq&m=141235957116749&w=2
marc.info/?l=bugtraq&m=141319209015420&w=2
marc.info/?l=bugtraq&m=141330425327438&w=2
marc.info/?l=bugtraq&m=141330468527613&w=2
marc.info/?l=bugtraq&m=141345648114150&w=2
marc.info/?l=bugtraq&m=141383026420882&w=2
marc.info/?l=bugtraq&m=141383081521087&w=2
marc.info/?l=bugtraq&m=141383138121313&w=2
marc.info/?l=bugtraq&m=141383196021590&w=2
marc.info/?l=bugtraq&m=141383244821813&w=2
marc.info/?l=bugtraq&m=141383304022067&w=2
marc.info/?l=bugtraq&m=141383353622268&w=2
marc.info/?l=bugtraq&m=141383465822787&w=2
marc.info/?l=bugtraq&m=141450491804793&w=2
marc.info/?l=bugtraq&m=141576728022234&w=2
marc.info/?l=bugtraq&m=141577137423233&w=2
marc.info/?l=bugtraq&m=141577241923505&w=2
marc.info/?l=bugtraq&m=141577297623641&w=2
marc.info/?l=bugtraq&m=141585637922673&w=2
marc.info/?l=bugtraq&m=141694386919794&w=2
marc.info/?l=bugtraq&m=141879528318582&w=2
marc.info/?l=bugtraq&m=142113462216480&w=2
marc.info/?l=bugtraq&m=142118135300698&w=2
marc.info/?l=bugtraq&m=142358026505815&w=2
marc.info/?l=bugtraq&m=142358078406056&w=2
marc.info/?l=bugtraq&m=142546741516006&w=2
marc.info/?l=bugtraq&m=142719845423222&w=2
marc.info/?l=bugtraq&m=142721162228379&w=2
marc.info/?l=bugtraq&m=142805027510172&w=2
packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html
packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html
packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html
packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html
packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html
rhn.redhat.com/errata/RHSA-2014-1293.html
rhn.redhat.com/errata/RHSA-2014-1294.html
rhn.redhat.com/errata/RHSA-2014-1295.html
rhn.redhat.com/errata/RHSA-2014-1354.html
seclists.org/fulldisclosure/2014/Oct/0
secunia.com/advisories/58200
secunia.com/advisories/59272
secunia.com/advisories/59737
secunia.com/advisories/59907
secunia.com/advisories/60024
secunia.com/advisories/60034
secunia.com/advisories/60044
secunia.com/advisories/60055
secunia.com/advisories/60063
secunia.com/advisories/60193
secunia.com/advisories/60325
secunia.com/advisories/60433
secunia.com/advisories/60947
secunia.com/advisories/61065
secunia.com/advisories/61128
secunia.com/advisories/61129
secunia.com/advisories/61188
secunia.com/advisories/61283
secunia.com/advisories/61287
secunia.com/advisories/61291
secunia.com/advisories/61312
secunia.com/advisories/61313
secunia.com/advisories/61328
secunia.com/advisories/61442
secunia.com/advisories/61471
secunia.com/advisories/61485
secunia.com/advisories/61503
secunia.com/advisories/61542
secunia.com/advisories/61547
secunia.com/advisories/61550
secunia.com/advisories/61552
secunia.com/advisories/61565
secunia.com/advisories/61603
secunia.com/advisories/61633
secunia.com/advisories/61641
secunia.com/advisories/61643
secunia.com/advisories/61654
secunia.com/advisories/61676
secunia.com/advisories/61700
secunia.com/advisories/61703
secunia.com/advisories/61711
secunia.com/advisories/61715
secunia.com/advisories/61780
secunia.com/advisories/61816
secunia.com/advisories/61855
secunia.com/advisories/61857
secunia.com/advisories/61873
secunia.com/advisories/62228
secunia.com/advisories/62312
secunia.com/advisories/62343
support.apple.com/kb/HT6495
support.novell.com/security/cve/CVE-2014-6271.html
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
www-01.ibm.com/support/docview.wss?uid=isg3T1021272
www-01.ibm.com/support/docview.wss?uid=isg3T1021279
www-01.ibm.com/support/docview.wss?uid=isg3T1021361
www-01.ibm.com/support/docview.wss?uid=ssg1S1004879
www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
www-01.ibm.com/support/docview.wss?uid=ssg1S1004898
www-01.ibm.com/support/docview.wss?uid=ssg1S1004915
www-01.ibm.com/support/docview.wss?uid=swg21685541
www-01.ibm.com/support/docview.wss?uid=swg21685604
www-01.ibm.com/support/docview.wss?uid=swg21685733
www-01.ibm.com/support/docview.wss?uid=swg21685749
www-01.ibm.com/support/docview.wss?uid=swg21685914
www-01.ibm.com/support/docview.wss?uid=swg21686084
www-01.ibm.com/support/docview.wss?uid=swg21686131
www-01.ibm.com/support/docview.wss?uid=swg21686246
www-01.ibm.com/support/docview.wss?uid=swg21686445
www-01.ibm.com/support/docview.wss?uid=swg21686447
www-01.ibm.com/support/docview.wss?uid=swg21686479
www-01.ibm.com/support/docview.wss?uid=swg21686494
www-01.ibm.com/support/docview.wss?uid=swg21687079
www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315
www.debian.org/security/2014/dsa-3032
www.kb.cert.org/vuls/id/252743
www.mandriva.com/security/advisories?name=MDVSA-2015:164
www.novell.com/support/kb/doc.php?id=7015701
www.novell.com/support/kb/doc.php?id=7015721
www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html
www.qnap.com/i/en/support/con_show.php?cid=61
www.securityfocus.com/archive/1/533593/100/0/threaded
www.securityfocus.com/bid/70103
www.ubuntu.com/usn/USN-2362-1
www.us-cert.gov/ncas/alerts/TA14-268A
www.vmware.com/security/advisories/VMSA-2014-0010.html
www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
access.redhat.com/articles/1200223
access.redhat.com/node/1200223
access.redhat.com/security/updates/classification/#critical
bugzilla.redhat.com/show_bug.cgi?id=1141597
help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
kb.bluecoat.com/index?page=content&id=SA82
kb.juniper.net/InfoCenter/index?page=content&id=JSA10648
kc.mcafee.com/corporate/index?page=content&id=SB10085
rhn.redhat.com/errata/RHSA-2014-1294.html
securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
support.apple.com/kb/HT6535
support.citrix.com/article/CTX200217
support.citrix.com/article/CTX200223
support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183
supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts
www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006
www.exploit-db.com/exploits/34879/
www.exploit-db.com/exploits/37816/
www.exploit-db.com/exploits/38849/
www.exploit-db.com/exploits/39918/
www.exploit-db.com/exploits/40619/
www.exploit-db.com/exploits/40938/
www.exploit-db.com/exploits/42938/
www.suse.com/support/shellshock/
Related
