5 matches found
Design/Logic Flaw
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and...
Gnu Bash 4.3 CGI Scan Remote Command Injection
!/usr/bin/env python http connection import urllib2 Args management import optparse Error managemen import sys banner = """ | .-----.--.--. | .---.-.-----| |--. |. || | | | |. 1 | | --| | |. | |||| |. |.|||| |: 1 | |: 1 \ |::.. . | |::.. . / -------' -------' | Y | | | | | | | | | ||| | |. l |. 1...
CVE-2014-7169
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the...
CVE-2014-7169
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the...
Design/Logic Flaw
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and modcg...