4 matches found
CVE-2014-6271
CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...
CVE-2014-7169
CVE-2014-7169 affects GNU Bash up to 4.3, where parsing of function definitions in environment variables can be exploited to run commands or impact other attributes across privilege boundaries (notably via ForceCommand in OpenSSH sshd and via mod_cgi/mod_cgid in Apache, as well as DHCP client scr...
CVE-2014-6190
The CVE-2014-6190 issue affects IBM Workload Deployer (IBM Workload Deployer 3.1 before 3.1.0.7). The vulnerability in the Log Viewer allows remote attackers to obtain sensitive information by requesting the URL of a log document, caused by defined system users lacking proper permission controls....
CVE-2014-6158
CVE-2014-6158 is a directory-traversal flaw affecting IBM PureApplication System (versions 1.0 up to 1.0.0.4 iFix 10; 1.1 up to 1.1.0.5; 2.0 up to 2.0.0.1) and IBM Workload Deployer (3.1.0.7 up to IF5). The vulnerability arises in the file-upload mechanism where authenticated users can manipulate...