73 matches found
Apache Mod_cgi Bash Environment Variable Injection (Shellshock) Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache modcgi Bash Environment Variable Injection Shellshock Scanner', 'Description' = %q This module scans for the Shellshock vulnerability, a...
Security Bulletin: Vulnerabilities in bash affect IBM BladeCenter Advanced Management Module (AMM)
Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in bash. Vulnerability Details Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in bash. Vulnerability Details: CVEID: CVE-2014-6277 Description: GN...
Security Bulletin: IBM System Networking Products not affected by the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)
Summary IBM System Networking Products are not vulnerable to the Bash vulnerabilities that have been referred to as Bash Bug or Shellshock and the two memory corruption vulnerabilities. Vulnerability Details Abstract IBM System Networking Products are not vulnerable to the Bash vulnerabilitie...
Security Bulletin: Vulnerabilities in bash affect SAN Volume Controller and Storwize Family (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)
Summary Security Bulletin: Vulnerabilities in Bash affect SAN Volume Controller and Storwize Family CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278 Vulnerability Details Security Bulletin --- Summary --- Six Bash vulnerabilities were disclosed in September...
Security Bulletin: Vulnerabilities in Bash affect IBM/Cisco Switches and Directors (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)
Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by IBM/Cisco switches and directors. Vulnerability Details CVE-ID :...
Mageia: Security Advisory (MGASA-2014-0394)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2872-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Western Digital My Cloud Multiple Products < 1.05.21 'Shellshock' Vulnerability
Multiple Western Digital My Cloud products are prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Security Bulletin: Vulnerabilities in Bash affect IBM SmartCloud Entry Appliance (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)
Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by IBM SmartCloud Entry appliance. Vulnerability Details CVE-ID:...
Security Bulletin: Vulnerabilities in Bash affect multiple products shipped with Intelligent Cluster (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)
Summary Information about security vulnerabilities affecting multiple products shipped as components of Intelligent Cluster has been published in security bulletins. Vulnerability Details Abstract Information about security vulnerabilities affecting multiple products shipped as components of...
Security Bulletin: WebSphere Process Server Hypervisor Edition Bash vulnerability (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)
Summary WebSphere Process Server Hypervisor Edition might be vulnerable to CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277 and CVE-2014-6278 shellshock vulnerabilities in bash delivered by UNIX-based platforms. Vulnerability Details CVE-ID: CVE-2014-6271 DESCRIPTION: GNU...
Security Bulletin: Vulnerabilities in Bash affect IBM SDN VE (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)
Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by IBM SDN VE. Vulnerability Details CVE-ID: CVE-2014-6271 DESCRIPTION: G...
Security Bulletin: Vulnerabilities in Bash and GNU C Library affect WebSphere Transformation Extender (WTX) with Launcher Hypervisor Edition (CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-5119, CVE-2014-7186, CVE-2014-7187)
Summary Bash and GNU C Library vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock”, a heap-based buffer overflow, and two memory corruption vulnerabilities. Bash and glibc are included in Red Hat...
VulnCheck KEV: CVE-2014-6278
GNU Bash contains an OS command injection vulnerability which allows remote attackers to execute arbitrary commands via a crafted environment...
openSUSE Security Update : bash (openSUSE-2016-1374) (Shellshock)
This update for bash fixes the following issues : - CVE-2016-7543: Local attackers could have executed arbitrary commands via specially crafted SHELLOPTS+PS4 variables bsc1001299 - CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when $HOSTNAME was expanded in the...
SUSE SLED12 / SLES12 Security Update : bash (SUSE-SU-2016:2872-1) (Shellshock)
This update for bash fixes the following issues : - CVE-2016-7543: Local attackers could have executed arbitrary commands via specially crafted SHELLOPTS+PS4 variables bsc1001299 - CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when $HOSTNAME was expanded in the...
Bash environment variable command injection in Cisco UCS Manager
Added: 03/24/2016 CVE: CVE-2014-6278 BID: 70166 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Cisco UCS Manager is a product for management of Cisco UCS and Cisco HyperFlex infrastructure. Problem The Bash shell executes commands injected after...
Bash environment variable command injection in Cisco UCS Manager
Added: 03/24/2016 CVE: CVE-2014-6278 BID: 70166 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Cisco UCS Manager is a product for management of Cisco UCS and Cisco HyperFlex infrastructure. Problem The Bash shell executes commands injected after...
Bash environment variable command injection in Cisco UCS Manager
Added: 03/24/2016 CVE: CVE-2014-6278 BID: 70166 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Cisco UCS Manager is a product for management of Cisco UCS and Cisco HyperFlex infrastructure. Problem The Bash shell executes commands injected after...
Bash environment variable command injection in Cisco UCS Manager
Added: 03/24/2016 CVE: CVE-2014-6278 BID: 70166 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Cisco UCS Manager is a product for management of Cisco UCS and Cisco HyperFlex infrastructure. Problem The Bash shell executes commands injected after...