Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

316 matches found

ThreatPost
ThreatPostadded 2014/10/06 8:19 a.m.15 views

Shellshock-like Vulnerability May Affect Windows

In the early hours of the Shellshock vulnerability in Bash, the running joke was that Windows administrators could sit back with a box of popcorn and a beverage and watch the Linux and UNIX admins scramble about for once. Looks like those same Windows admins may soon be dragged into the fray. As...

0.6AI score
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2014/10/06 12:0 a.m.59 views

GLSA-201409-09 : Bash: Code Injection (Shellshock)

The remote host is affected by the vulnerability described in GLSA-201409-09 Bash: Code Injection Stephane Chazelas reported that Bash incorrectly handles function definitions, allowing attackers to inject arbitrary code. Impact : A remote attacker could exploit this vulnerability to execute...

10CVSS8.9AI score0.9422EPSS
Exploits130References2
exploitpack
exploitpackadded 2014/10/06 12:0 a.m.12 views

Apache mod_cgi - Shellshock Remote Command Injection

Apache modcgi - Shellshock Remote Command Injection ! /usr/bin/env python from socket import from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage: print """ Shellshock apache modcgi remote exploit Usage: ./exploit.py var= Vars:...

Exploits0
exploitpack
exploitpackadded 2014/10/06 12:0 a.m.14 views

Postfix SMTP 4.2.x 4.2.48 - Shellshock Remote Command Injection

Postfix SMTP 4.2.x 4.2.48 - Shellshock Remote Command Injection !/bin/python Exploit Title: Shellshock SMTP Exploit Date: 10/3/2014 Exploit Author: fattymcwopr Vendor Homepage: gnu.org Software Link: http://ftp.gnu.org/gnu/bash/ Version: 4.2.x " argc = lensys.argv ifargc 3: usage sys.exit0 rport ...

Exploits0
Exploit DB
Exploit DBadded 2014/10/06 12:0 a.m.15606 views

Postfix SMTP 4.2.x < 4.2.48 - 'Shellshock' Remote Command Injection

!/bin/python Exploit Title: Shellshock SMTP Exploit Date: 10/3/2014 Exploit Author: fattymcwopr Vendor Homepage: gnu.org Software Link: http://ftp.gnu.org/gnu/bash/ Version: 4.2.x " argc = lensys.argv ifargc 3: usage sys.exit0 rport = 25 rhost = sys.argv1 cmd = sys.argv2 headers = "To",...

7AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2014/10/06 12:0 a.m.49 views

GLSA-201410-01 : Bash: Multiple vulnerabilities (Shellshock)

The remote host is affected by the vulnerability described in GLSA-201410-01 Bash: Multiple vulnerabilities Florian Weimer, Todd Sabin, Michal Zalewski et al. discovered further parsing flaws in Bash. The unaffected Gentoo packages listed in this GLSA contain the official patches to fix the issue...

10CVSS7.7AI score0.91694EPSS
Exploits39References5
Exploit DB
Exploit DBadded 2014/10/06 12:0 a.m.97 views

Bash CGI - 'Shellshock' Remote Command Injection (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Shellshock Bashed CGI RCE', 'Description' = %q This module exploits the shellshock vulnerability in apache cgi. It allows you to excu...

10CVSS7AI score0.9422EPSS
Exploits130
exploitpack
exploitpackadded 2014/10/06 12:0 a.m.31 views

Bash CGI - Shellshock Remote Command Injection (Metasploit)

Bash CGI - Shellshock Remote Command Injection Metasploit This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Shellshock Bashed CGI RCE', 'Description' = %q This module exploits the...

0.2AI score0.9422EPSS
Exploits130
Exploit DB
Exploit DBadded 2014/10/06 12:0 a.m.50 views

Apache mod_cgi - 'Shellshock' Remote Command Injection

!/usr/bin/env python from socket import from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage: print """ Shellshock apache modcgi remote exploit Usage: ./exploit.py var= Vars: rhost: victim host rport: victim port for TCP shell...

7.4AI score
Exploits0
Packet Storm
Packet Stormadded 2014/10/06 12:0 a.m.202 views

Apache mod_cgi Remote Command Execution

! /usr/bin/env python from socket import from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage: print """ Shellshock apache modcgi remote exploit Usage: ./exploit.py var= Vars: rhost: victim host rport: victim port for TCP shell...

10CVSS10AI score0.9422EPSS
Exploits130
Packet Storm
Packet Stormadded 2014/10/06 12:0 a.m.856 views

Postfix SMTP Shellshock

!/bin/python Exploit Title: Shellshock SMTP Exploit Date: 10/3/2014 Exploit Author: fattymcwopr Vendor Homepage: gnu.org Software Link: http://ftp.gnu.org/gnu/bash/ Version: 4.2.x " argc = lensys.argv ifargc 3: usage sys.exit0 rport = 25 rhost = sys.argv1 cmd = sys.argv2 headers = "To",...

10CVSS10AI score0.9422EPSS
Exploits130
Tenable Nessus
Tenable Nessusadded 2014/10/06 12:0 a.m.807 views

Bash Remote Code Execution (CVE-2014-6277 / CVE-2014-6278) (Shellshock)

The remote host is running a version of Bash that is vulnerable to command injection via environment variable manipulation. Depending on the configuration of the system, an attacker could remotely execute arbitrary code. TRUSTED...

10CVSS7.5AI score0.91694EPSS
Exploits36References4
securityvulns
securityvulnsadded 2014/10/05 12:0 a.m.209 views

[security bulletin] HPSBGN03117 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04467807 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04467807 Version: 1 HPSBGN03117 rev....

10CVSS0.9AI score0.9422EPSS
Exploits139
securityvulns
securityvulnsadded 2014/10/05 12:0 a.m.257 views

[security bulletin] HPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04468293 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04468293 Version: 2 HPSBHF03119 rev....

10CVSS0.3AI score0.9422EPSS
Exploits139
Exploit DB
Exploit DBadded 2014/10/04 12:0 a.m.437 views

OpenVPN 2.2.29 - 'Shellshock' Remote Command Injection

Exploit Title: ShellShock OpenVPN Exploit Date: Fri Oct 3 15:48:08 EDT 2014 Exploit Author: hobbily AKA @fj33r Version: 2.2.29 Tested on: Debian Linux CVE : CVE-2014-6271 Probably should of submitted this the day I tweeted it. server.conf port 1194 proto udp dev tun client-cert-not-required...

10CVSS10AI score0.9422EPSS
Exploits130
exploitpack
exploitpackadded 2014/10/04 12:0 a.m.286 views

OpenVPN 2.2.29 - Shellshock Remote Command Injection

OpenVPN 2.2.29 - Shellshock Remote Command Injection Exploit Title: ShellShock OpenVPN Exploit Date: Fri Oct 3 15:48:08 EDT 2014 Exploit Author: hobbily AKA @fj33r Version: 2.2.29 Tested on: Debian Linux CVE : CVE-2014-6271 Probably should of submitted this the day I tweeted it. server.conf port...

10CVSS10AI score0.9422EPSS
Exploits130
ThreatPost
ThreatPostadded 2014/10/03 1:35 p.m.10 views

Dennis Fisher and Mike Mimoso Discuss Bash, Shellshock and BadUSB

Dennis Fisher and Mike Mimoso talk about the Bash Shellshock bug nightmare and the BadUSB code release. Download: digitalunderground169.mp3 Music by Chris Gonsalves...

1.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2014/10/03 12:0 a.m.80 views

FreeBSD : rt42 -- vulnerabilities related to shellshock (81e2b308-4a6c-11e4-b711-6805ca0b3d42)

Best Practical reports : RT 4.2.0 and above may be vulnerable to arbitrary execution of code by way of CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, or CVE-2014-6271 -- collectively known as 'Shellshock.' This vulnerability requires a privileged user with access to an RT instance...

10CVSS8AI score0.9422EPSS
Exploits157References7
Packet Storm
Packet Stormadded 2014/10/03 12:0 a.m.239 views

Shellshock Bashed CGI RCE

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Shellshock Bashed CGI RCE', 'Description' = %q This module exploits the shellshock vulnerability in apache cgi. It allows you to excu...

10CVSS10AI score0.9422EPSS
Exploits130
myhack58
myhack58added 2014/10/02 12:0 a.m.25 views

ShellShock(BashDoor repair method-vulnerability warning-the black bar safety net

Check your system is not there to Bash the Door the vulnerability of the command: env-i X=' a=' bash-c 'echo date'; cat echo If vulnerability exists, the output result does not date the words, the following diagram is to repair success after the screenshots: ! shell shock, bash door, fix Cent OS...

1AI score
Exploits0
Rows per page
Query Builder