Lucene search

K
ubuntucveUbuntu.comUB:CVE-2014-6277
HistorySep 27, 2014 - 12:00 a.m.

CVE-2014-6277

2014-09-2700:00:00
ubuntu.com
ubuntu.com
41

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.974

Percentile

99.9%

GNU Bash through 4.3 bash43-026 does not properly parse function
definitions in the values of environment variables, which allows remote
attackers to execute arbitrary code or cause a denial of service
(uninitialized memory access, and untrusted-pointer read and write
operations) via a crafted environment, as demonstrated by vectors involving
the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules
in the Apache HTTP Server, scripts executed by unspecified DHCP clients,
and other situations in which setting the environment occurs across a
privilege boundary from Bash execution. NOTE: this vulnerability exists
because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.

Notes

Author Note
mdeslaur this issue is mitigated by Florian Weimer’s prefix-suffix patch that is included in https://ubuntu.com/security/notices/USN-2364-1 since bash parser vulnerabilities are now limited to specially named environment variables, and as such are no longer directly exposed to CGI scripts, SSH, etc. Once an upstream patch is made available, we will release bash updates, but we don’t consider this to be a critical issue requiring immediate attention.
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchbash< 4.1-2ubuntu3.5UNKNOWN
ubuntu12.04noarchbash< 4.2-2ubuntu2.6UNKNOWN
ubuntu14.04noarchbash< 4.3-7ubuntu1.5UNKNOWN

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.974

Percentile

99.9%