CVE-2014-6278

KEV

Published: Set 30, 2014 Last Modified: Ott 22, 2025

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,8

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: required

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

HIGH 10,0

Source: [email protected]

Access Vector: network

Access Complexity: low

Authentication: none

Confidentiality: complete

Integrity: complete

Availability: complete

Description

AI Translation Available

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,9048

Percentile

1,0th

Updated

EPSS Score Trend (Last 91 Days)

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Stable

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability Non-Repudiation

Potential Impacts:

Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Read Files Or Directories Modify Files Or Directories Read Application Data Modify Application Data Hide Activities

Applicable Platforms

Technologies: AI/ML, Not Technology-Specific, Web Server

Likelihood of Exploit: High

View CWE Details

Exploit

GNU bash 4.3.11 - Environment Variable dhclient

Author: @0x00string Published:

View Exploit Code →

Exploit

Apache mod_cgi - 'Shellshock' Remote Command Injection

Verified

Apache mod_cgi - 'Shellshock' Remote Command Injection

Author: Federico Galatolo Published: Status: Verified

View Exploit Code →

Exploit

dhclient 4.1 - Bash Environment Variable Command Injection …

Verified

dhclient 4.1 - Bash Environment Variable Command Injection (Shellshock)

Author: fdiskyou Published: Status: Verified

View Exploit Code →

Exploit

Cisco UCS Manager 2.1(1b) - Remote Command Injection …

Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)

Author: thatchriseckert Published:

View Exploit Code →

Exploit

Sun Secure Global Desktop and Oracle Global Desktop …

Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)

Author: lastc0de Published:

View Exploit Code →

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 2.05

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:2.05:b:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 2.05

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:2.05:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 1.14.7

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:1.14.7:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 4.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:4.0:rc1:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 2.03

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:2.03:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 4.1

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:4.1:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 3.2.48

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:3.2.48:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 4.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:4.0:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 1.14.4

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:1.14.4:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 2.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:2.0:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 4.2

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:4.2:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 2.02

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:2.02:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 3.1

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:3.1:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 2.01

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:2.01:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 2.01.1

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:2.01.1:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 1.14.3

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:1.14.3:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 1.14.2

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:1.14.2:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 3.2

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:3.2:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 2.05

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:2.05:a:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 2.04

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:2.04:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 1.14.6

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:1.14.6:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 4.3

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:4.3:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 3.0.16

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:3.0.16:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 2.02.1

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:2.02.1:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 1.14.5

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:1.14.5:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 3.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:3.0:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 1.14.0

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:1.14.0:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Bash by Gnu

Product Information

Vendor Gnu

Product Bash

Version 1.14.1

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:gnu:bash:1.14.1:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://www.cisa.gov/known-exploited-vulnerabilities-catalo…

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014…

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126

http://jvn.jp/en/jp/JVN55667175/index.html

http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unoffici…

http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html

http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally…

http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html

http://linux.oracle.com/errata/ELSA-2014-3093

http://linux.oracle.com/errata/ELSA-2014-3094

http://lists.opensuse.org/opensuse-security-announce/2014-1…

http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html

http://lists.opensuse.org/opensuse-updates/2014-10/msg00025…

http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html

http://marc.info/?l=bugtraq&m=141330468527613&w=2

http://marc.info/?l=bugtraq&m=141345648114150&w=2

http://marc.info/?l=bugtraq&m=141383026420882&w=2

http://marc.info/?l=bugtraq&m=141383081521087&w=2

http://marc.info/?l=bugtraq&m=141383196021590&w=2

http://marc.info/?l=bugtraq&m=141383244821813&w=2

http://marc.info/?l=bugtraq&m=141383304022067&w=2

http://marc.info/?l=bugtraq&m=141383353622268&w=2

http://marc.info/?l=bugtraq&m=141383465822787&w=2

http://marc.info/?l=bugtraq&m=141450491804793&w=2

http://marc.info/?l=bugtraq&m=141576728022234&w=2

http://marc.info/?l=bugtraq&m=141577137423233&w=2

http://marc.info/?l=bugtraq&m=141577241923505&w=2

http://marc.info/?l=bugtraq&m=141577297623641&w=2

http://marc.info/?l=bugtraq&m=141585637922673&w=2

http://marc.info/?l=bugtraq&m=141879528318582&w=2

http://marc.info/?l=bugtraq&m=142118135300698&w=2

http://marc.info/?l=bugtraq&m=142358026505815&w=2

http://marc.info/?l=bugtraq&m=142358078406056&w=2

http://marc.info/?l=bugtraq&m=142721162228379&w=2

http://packetstormsecurity.com/files/128567/CA-Technologies…

http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock…

http://packetstormsecurity.com/files/137344/Sun-Secure-Glob…

http://packetstormsecurity.com/files/137344/Sun-Secure-Global-Desktop-Oracle-Gl…

https://bugzilla.redhat.com/show_bug.cgi?id=1147414

http://secunia.com/advisories/58200

http://secunia.com/advisories/59907

http://secunia.com/advisories/59961

http://secunia.com/advisories/60024

http://secunia.com/advisories/60034

http://secunia.com/advisories/60044

http://secunia.com/advisories/60055

http://secunia.com/advisories/60063

http://secunia.com/advisories/60193

http://secunia.com/advisories/60325

http://secunia.com/advisories/60433

http://secunia.com/advisories/61065

http://secunia.com/advisories/61128

http://secunia.com/advisories/61129

http://secunia.com/advisories/61283

http://secunia.com/advisories/61287

http://secunia.com/advisories/61291

http://secunia.com/advisories/61312

http://secunia.com/advisories/61313

http://secunia.com/advisories/61328

http://secunia.com/advisories/61442

http://secunia.com/advisories/61471

http://secunia.com/advisories/61485

http://secunia.com/advisories/61503

http://secunia.com/advisories/61550

http://secunia.com/advisories/61552

http://secunia.com/advisories/61565

http://secunia.com/advisories/61603

http://secunia.com/advisories/61633

http://secunia.com/advisories/61641

http://secunia.com/advisories/61643

http://secunia.com/advisories/61654

http://secunia.com/advisories/61703

http://secunia.com/advisories/61780

http://secunia.com/advisories/61816

http://secunia.com/advisories/61857

http://secunia.com/advisories/62312

http://secunia.com/advisories/62343

https://kb.bluecoat.com/index?page=content&id=SA82

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA…

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648

https://kc.mcafee.com/corporate/index?page=content&id=SB100…

https://kc.mcafee.com/corporate/index?page=content&id=SB10085

https://security-tracker.debian.org/tracker/CVE-2014-6278

https://supportcenter.checkpoint.com/supportcenter/portal?e…

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviews…

https://support.citrix.com/article/CTX200217

https://support.citrix.com/article/CTX200223

https://support.f5.com/kb/en-us/solutions/public/15000/600/…

https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html

https://support.hpe.com/hpsc/doc/public/display?docLocale=e…

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c0…

https://support.hpe.com/hpsc/doc/public/display?docLocale=e…

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c0…

http://support.novell.com/security/cve/CVE-2014-6278.html

https://www.arista.com/en/support/advisories-notices/securi…

https://www.arista.com/en/support/advisories-notices/security-advisories/1008-s…

https://www.exploit-db.com/exploits/39568/

https://www.exploit-db.com/exploits/39887/

https://www.suse.com/support/shellshock/

http://tools.cisco.com/security/center/content/CiscoSecurit…

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2…

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915

http://www-01.ibm.com/support/docview.wss?uid=swg21685541

http://www-01.ibm.com/support/docview.wss?uid=swg21685604

http://www-01.ibm.com/support/docview.wss?uid=swg21685733

http://www-01.ibm.com/support/docview.wss?uid=swg21685749

http://www-01.ibm.com/support/docview.wss?uid=swg21685914

http://www-01.ibm.com/support/docview.wss?uid=swg21686131

http://www-01.ibm.com/support/docview.wss?uid=swg21686246

http://www-01.ibm.com/support/docview.wss?uid=swg21686445

http://www-01.ibm.com/support/docview.wss?uid=swg21686479

http://www-01.ibm.com/support/docview.wss?uid=swg21686494

http://www-01.ibm.com/support/docview.wss?uid=swg21687079

http://www-947.ibm.com/support/entry/portal/docdisplay?lndo…

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315

http://www.mandriva.com/security/advisories?name=MDVSA-2015…

http://www.mandriva.com/security/advisories?name=MDVSA-2015:164

http://www.novell.com/support/kb/doc.php?id=7015721

http://www.oracle.com/technetwork/topics/security/bashcve-2…

http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html

http://www.qnap.com/i/en/support/con_show.php?cid=61

http://www.ubuntu.com/usn/USN-2380-1

http://www.vmware.com/security/advisories/VMSA-2014-0010.ht…

http://www.vmware.com/security/advisories/VMSA-2014-0010.html

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126

http://jvn.jp/en/jp/JVN55667175/index.html

http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unoffici…

http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html

http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally…

http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html

http://linux.oracle.com/errata/ELSA-2014-3093

http://linux.oracle.com/errata/ELSA-2014-3094

http://lists.opensuse.org/opensuse-security-announce/2014-1…

http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html

http://lists.opensuse.org/opensuse-updates/2014-10/msg00025…

http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html

http://marc.info/?l=bugtraq&m=141330468527613&w=2

http://marc.info/?l=bugtraq&m=141345648114150&w=2

http://marc.info/?l=bugtraq&m=141383026420882&w=2

http://marc.info/?l=bugtraq&m=141383081521087&w=2

http://marc.info/?l=bugtraq&m=141383196021590&w=2

http://marc.info/?l=bugtraq&m=141383244821813&w=2

http://marc.info/?l=bugtraq&m=141383304022067&w=2

http://marc.info/?l=bugtraq&m=141383353622268&w=2

http://marc.info/?l=bugtraq&m=141383465822787&w=2

http://marc.info/?l=bugtraq&m=141450491804793&w=2

http://marc.info/?l=bugtraq&m=141576728022234&w=2

http://marc.info/?l=bugtraq&m=141577137423233&w=2

http://marc.info/?l=bugtraq&m=141577241923505&w=2

http://marc.info/?l=bugtraq&m=141577297623641&w=2

http://marc.info/?l=bugtraq&m=141585637922673&w=2

http://marc.info/?l=bugtraq&m=141879528318582&w=2

http://marc.info/?l=bugtraq&m=142118135300698&w=2

http://marc.info/?l=bugtraq&m=142358026505815&w=2

http://marc.info/?l=bugtraq&m=142358078406056&w=2

http://marc.info/?l=bugtraq&m=142721162228379&w=2

http://packetstormsecurity.com/files/128567/CA-Technologies…

http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock…

http://packetstormsecurity.com/files/137344/Sun-Secure-Glob…

http://packetstormsecurity.com/files/137344/Sun-Secure-Global-Desktop-Oracle-Gl…

https://bugzilla.redhat.com/show_bug.cgi?id=1147414

http://secunia.com/advisories/58200

http://secunia.com/advisories/59907

http://secunia.com/advisories/59961

http://secunia.com/advisories/60024

http://secunia.com/advisories/60034

http://secunia.com/advisories/60044

http://secunia.com/advisories/60055

http://secunia.com/advisories/60063

http://secunia.com/advisories/60193

http://secunia.com/advisories/60325

http://secunia.com/advisories/60433

http://secunia.com/advisories/61065

http://secunia.com/advisories/61128

http://secunia.com/advisories/61129

http://secunia.com/advisories/61283

http://secunia.com/advisories/61287

http://secunia.com/advisories/61291

http://secunia.com/advisories/61312

http://secunia.com/advisories/61313

http://secunia.com/advisories/61328

http://secunia.com/advisories/61442

http://secunia.com/advisories/61471

http://secunia.com/advisories/61485

http://secunia.com/advisories/61503

http://secunia.com/advisories/61550

http://secunia.com/advisories/61552

http://secunia.com/advisories/61565

http://secunia.com/advisories/61603

http://secunia.com/advisories/61633

http://secunia.com/advisories/61641

http://secunia.com/advisories/61643

http://secunia.com/advisories/61654

http://secunia.com/advisories/61703

http://secunia.com/advisories/61780

http://secunia.com/advisories/61816

http://secunia.com/advisories/61857

http://secunia.com/advisories/62312

http://secunia.com/advisories/62343

https://kb.bluecoat.com/index?page=content&id=SA82

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA…

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648

https://kc.mcafee.com/corporate/index?page=content&id=SB100…

https://kc.mcafee.com/corporate/index?page=content&id=SB10085

https://security-tracker.debian.org/tracker/CVE-2014-6278

https://supportcenter.checkpoint.com/supportcenter/portal?e…

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviews…

https://support.citrix.com/article/CTX200217

https://support.citrix.com/article/CTX200223

https://support.f5.com/kb/en-us/solutions/public/15000/600/…

https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html

https://support.hpe.com/hpsc/doc/public/display?docLocale=e…

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c0…

https://support.hpe.com/hpsc/doc/public/display?docLocale=e…

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c0…

http://support.novell.com/security/cve/CVE-2014-6278.html

https://www.arista.com/en/support/advisories-notices/securi…

https://www.arista.com/en/support/advisories-notices/security-advisories/1008-s…

https://www.exploit-db.com/exploits/39568/

https://www.exploit-db.com/exploits/39887/

https://www.suse.com/support/shellshock/

http://tools.cisco.com/security/center/content/CiscoSecurit…

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2…

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915

http://www-01.ibm.com/support/docview.wss?uid=swg21685541

http://www-01.ibm.com/support/docview.wss?uid=swg21685604

http://www-01.ibm.com/support/docview.wss?uid=swg21685733

http://www-01.ibm.com/support/docview.wss?uid=swg21685749

http://www-01.ibm.com/support/docview.wss?uid=swg21685914

http://www-01.ibm.com/support/docview.wss?uid=swg21686131

http://www-01.ibm.com/support/docview.wss?uid=swg21686246

http://www-01.ibm.com/support/docview.wss?uid=swg21686445

http://www-01.ibm.com/support/docview.wss?uid=swg21686479

http://www-01.ibm.com/support/docview.wss?uid=swg21686494

http://www-01.ibm.com/support/docview.wss?uid=swg21687079

http://www-947.ibm.com/support/entry/portal/docdisplay?lndo…

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315

http://www.mandriva.com/security/advisories?name=MDVSA-2015…

http://www.mandriva.com/security/advisories?name=MDVSA-2015:164

http://www.novell.com/support/kb/doc.php?id=7015721

http://www.oracle.com/technetwork/topics/security/bashcve-2…

http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html

http://www.qnap.com/i/en/support/con_show.php?cid=61

http://www.ubuntu.com/usn/USN-2380-1

http://www.vmware.com/security/advisories/VMSA-2014-0010.ht…

http://www.vmware.com/security/advisories/VMSA-2014-0010.html

CVE-2014-6278

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 91 Days)

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Common Consequences

Applicable Platforms

GNU bash 4.3.11 - Environment Variable dhclient

Apache mod_cgi - 'Shellshock' Remote Command Injection

dhclient 4.1 - Bash Environment Variable Command Injection …

Cisco UCS Manager 2.1(1b) - Remote Command Injection …

Sun Secure Global Desktop and Oracle Global Desktop …

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Bash by Gnu

Product Information

Iscriviti alla newsletter