Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

246 matches found

OpenVAS
OpenVASadded 2014/10/08 12:0 a.m.58 views

GNU Bash Environment Variable Handling RCE Vulnerability (Shellshock, Linux/Unix SSH Login, CVE-2014-6277) - Active Check

GNU Bash is prone to a remote command execution RCE vulnerability dubbed Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

10CVSS9.9AI score0.9422EPSS
Exploits141References9
OpenVAS
OpenVASadded 2014/10/08 12:0 a.m.104 views

GNU Bash Environment Variable Handling RCE Vulnerability (Shellshock, Linux/Unix SSH Login, CVE-2014-7169) - Active Check

GNU Bash is prone to a remote command execution RCE vulnerability dubbed Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

10CVSS8.6AI score0.89056EPSS
Exploits17References12
ThreatPost
ThreatPostadded 2014/10/06 7:56 p.m.15 views

Yahoo Confirms Infected Servers Unrelated to Shellshock

Yahoo CISO Alex Stamos refuted claims made by a Louisiana security company that a number of Yahoo servers had been compromised by Romanian hackers using Shellshock exploits against the vulnerability in Bash. Stamos said three Yahoo Sports API servers were infected with malware by hackers looking...

0.7AI score
Exploits0References3
ThreatPost
ThreatPostadded 2014/10/06 8:19 a.m.15 views

Shellshock-like Vulnerability May Affect Windows

In the early hours of the Shellshock vulnerability in Bash, the running joke was that Windows administrators could sit back with a box of popcorn and a beverage and watch the Linux and UNIX admins scramble about for once. Looks like those same Windows admins may soon be dragged into the fray. As...

0.6AI score
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2014/10/06 12:0 a.m.59 views

GLSA-201409-09 : Bash: Code Injection (Shellshock)

The remote host is affected by the vulnerability described in GLSA-201409-09 Bash: Code Injection Stephane Chazelas reported that Bash incorrectly handles function definitions, allowing attackers to inject arbitrary code. Impact : A remote attacker could exploit this vulnerability to execute...

10CVSS8.9AI score0.9422EPSS
Exploits130References2
Tenable Nessus
Tenable Nessusadded 2014/10/06 12:0 a.m.807 views

Bash Remote Code Execution (CVE-2014-6277 / CVE-2014-6278) (Shellshock)

The remote host is running a version of Bash that is vulnerable to command injection via environment variable manipulation. Depending on the configuration of the system, an attacker could remotely execute arbitrary code. TRUSTED...

10CVSS7.5AI score0.91694EPSS
Exploits36References4
Tenable Nessus
Tenable Nessusadded 2014/10/06 12:0 a.m.49 views

GLSA-201410-01 : Bash: Multiple vulnerabilities (Shellshock)

The remote host is affected by the vulnerability described in GLSA-201410-01 Bash: Multiple vulnerabilities Florian Weimer, Todd Sabin, Michal Zalewski et al. discovered further parsing flaws in Bash. The unaffected Gentoo packages listed in this GLSA contain the official patches to fix the issue...

10CVSS7.7AI score0.91694EPSS
Exploits39References5
Exploit DB
Exploit DBadded 2014/10/06 12:0 a.m.99 views

Bash CGI - 'Shellshock' Remote Command Injection (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Shellshock Bashed CGI RCE', 'Description' = %q This module exploits the shellshock vulnerability in apache cgi. It allows you to excu...

10CVSS7AI score0.9422EPSS
Exploits130
Exploit DB
Exploit DBadded 2014/10/06 12:0 a.m.15607 views

Postfix SMTP 4.2.x < 4.2.48 - 'Shellshock' Remote Command Injection

!/bin/python Exploit Title: Shellshock SMTP Exploit Date: 10/3/2014 Exploit Author: fattymcwopr Vendor Homepage: gnu.org Software Link: http://ftp.gnu.org/gnu/bash/ Version: 4.2.x " argc = lensys.argv ifargc 3: usage sys.exit0 rport = 25 rhost = sys.argv1 cmd = sys.argv2 headers = "To",...

7AI score
Exploits0
Exploit DB
Exploit DBadded 2014/10/06 12:0 a.m.51 views

Apache mod_cgi - 'Shellshock' Remote Command Injection

!/usr/bin/env python from socket import from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage: print """ Shellshock apache modcgi remote exploit Usage: ./exploit.py var= Vars: rhost: victim host rport: victim port for TCP shell...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2014/10/06 12:0 a.m.14 views

Postfix SMTP 4.2.x 4.2.48 - Shellshock Remote Command Injection

Postfix SMTP 4.2.x 4.2.48 - Shellshock Remote Command Injection !/bin/python Exploit Title: Shellshock SMTP Exploit Date: 10/3/2014 Exploit Author: fattymcwopr Vendor Homepage: gnu.org Software Link: http://ftp.gnu.org/gnu/bash/ Version: 4.2.x " argc = lensys.argv ifargc 3: usage sys.exit0 rport ...

Exploits0
exploitpack
exploitpackadded 2014/10/06 12:0 a.m.12 views

Apache mod_cgi - Shellshock Remote Command Injection

Apache modcgi - Shellshock Remote Command Injection ! /usr/bin/env python from socket import from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage: print """ Shellshock apache modcgi remote exploit Usage: ./exploit.py var= Vars:...

Exploits0
exploitpack
exploitpackadded 2014/10/06 12:0 a.m.31 views

Bash CGI - Shellshock Remote Command Injection (Metasploit)

Bash CGI - Shellshock Remote Command Injection Metasploit This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Shellshock Bashed CGI RCE', 'Description' = %q This module exploits the...

0.2AI score0.9422EPSS
Exploits130
Packet Storm
Packet Stormadded 2014/10/06 12:0 a.m.202 views

Apache mod_cgi Remote Command Execution

! /usr/bin/env python from socket import from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage: print """ Shellshock apache modcgi remote exploit Usage: ./exploit.py var= Vars: rhost: victim host rport: victim port for TCP shell...

10CVSS10AI score0.9422EPSS
Exploits130
Packet Storm
Packet Stormadded 2014/10/06 12:0 a.m.858 views

Postfix SMTP Shellshock

!/bin/python Exploit Title: Shellshock SMTP Exploit Date: 10/3/2014 Exploit Author: fattymcwopr Vendor Homepage: gnu.org Software Link: http://ftp.gnu.org/gnu/bash/ Version: 4.2.x " argc = lensys.argv ifargc 3: usage sys.exit0 rport = 25 rhost = sys.argv1 cmd = sys.argv2 headers = "To",...

10CVSS10AI score0.9422EPSS
Exploits130
securityvulns
securityvulnsadded 2014/10/05 12:0 a.m.210 views

[security bulletin] HPSBGN03117 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04467807 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04467807 Version: 1 HPSBGN03117 rev....

10CVSS0.9AI score0.9422EPSS
Exploits139
securityvulns
securityvulnsadded 2014/10/05 12:0 a.m.259 views

[security bulletin] HPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04468293 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04468293 Version: 2 HPSBHF03119 rev....

10CVSS0.3AI score0.9422EPSS
Exploits139
Exploit DB
Exploit DBadded 2014/10/04 12:0 a.m.437 views

OpenVPN 2.2.29 - 'Shellshock' Remote Command Injection

Exploit Title: ShellShock OpenVPN Exploit Date: Fri Oct 3 15:48:08 EDT 2014 Exploit Author: hobbily AKA @fj33r Version: 2.2.29 Tested on: Debian Linux CVE : CVE-2014-6271 Probably should of submitted this the day I tweeted it. server.conf port 1194 proto udp dev tun client-cert-not-required...

10CVSS10AI score0.9422EPSS
Exploits130
exploitpack
exploitpackadded 2014/10/04 12:0 a.m.286 views

OpenVPN 2.2.29 - Shellshock Remote Command Injection

OpenVPN 2.2.29 - Shellshock Remote Command Injection Exploit Title: ShellShock OpenVPN Exploit Date: Fri Oct 3 15:48:08 EDT 2014 Exploit Author: hobbily AKA @fj33r Version: 2.2.29 Tested on: Debian Linux CVE : CVE-2014-6271 Probably should of submitted this the day I tweeted it. server.conf port...

10CVSS10AI score0.9422EPSS
Exploits130
Tenable Nessus
Tenable Nessusadded 2014/10/03 12:0 a.m.80 views

FreeBSD : rt42 -- vulnerabilities related to shellshock (81e2b308-4a6c-11e4-b711-6805ca0b3d42)

Best Practical reports : RT 4.2.0 and above may be vulnerable to arbitrary execution of code by way of CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, or CVE-2014-6271 -- collectively known as 'Shellshock.' This vulnerability requires a privileged user with access to an RT instance...

10CVSS8AI score0.9422EPSS
Exploits157References7
Rows per page
Query Builder