Lucene search

K
lenovoLenovoLENOVO:PS500044-NOSID
HistoryNov 16, 2016 - 12:00 a.m.

GNU Bourne-Again Shell (Bash) 'Shellshock'

2016-11-1600:00:00
support.lenovo.com
101

EPSS

0.975

Percentile

100.0%

**Lenovo Security Advisory:******LEN-2014-003

Potential Impact: Execution of arbitrary code

Severity**:** High

Summary:
GNU Bash is the common command-line shell used in many Linux/UNIX systems. The vulnerability is also referred to as “Shellshock. ” Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system. More information about this issue is available at CVE-2014-7169.

Description:
The GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271 and CVE-2014-7169) could allow attackers to gain control over a targeted computer if exploited successfully, giving them access to your data and networks. The vulnerability leverages the Bash shell, a command language interpreter. An attacker could attach malicious code to environment variables that affect the way processes are run on a computer.

Affected Products: