HP Security Bulletin HPSBST03181 1 - A potential security vulnerability has been identified with HP StoreEver ESL G3 Tape Library. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
cbb07b428d53f1c1557655cd70c5d064f9bc9d949a6557331a6e0111d76d716bHP Security Bulletin HPSBHF03124 2 - Potential security vulnerabilities have been identified with certain HP Thin Clients running Bash Shell. The vulnerabilities, known as "Shellshock", could be exploited remotely to allow execution of code. Revision 2 of this advisory.
c8f6d879ddf7cc323158feb1bb78035393d71910932a07f1d6aa7f0deabbcef6HP Security Bulletin HPSBMU03165 1 - A potential security vulnerability has been identified with HP Propel. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
993d69d889cb57ea4e97b5967566ea9fa56baaa30d0ca057ac83149e29c4add3This Metasploit module exploits a post-auth code injection in specially crafted environment variables in Bash, specifically targeting CUPS filters through the PRINTER_INFO and PRINTER_LOCATION variables by default.
5a376a0f4e8be0b42906123abc72f100a271655c6310963fc913fc7504861155HP Security Bulletin HPSBST03157 - A potential security vulnerability has been identified with HP StoreEver ESL E-series Tape Library and HP Virtual Library System (VLS) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
e9d6c975aaed8023b6f21f043ef708d1380c041f1f05607e46608de48932d0f7HP Security Bulletin HPSBHF03146 - A potential security vulnerability has been identified with HP Integrity SD2 CB900s i4 & i2. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.
71138975f2ecb9835216b1124791afaa131e7f859aaecdae0c613c524094559dHP Security Bulletin HPSBHF03145 - A potential security vulnerability has been identified with HP Integrity Superdome X and HP ConvergedSystem 900 for SAP HANA. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.
2fd50d7e08d80f7519616b15757f4e909dcbfe0263378c1519b97902f322248dHP Security Bulletin HPSBGN03141 - A potential security vulnerability has been identified with HP Automation Insight. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.
24dee4b8f6b5ddb5d65f8c4322c72420242ee64a9c4bb8a0cb9e1a6cbc7f3d0aHP Security Bulletin HPSBGN03142 - A potential security vulnerability has been identified with HP Business Service Automation Essentials. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.
d574847ce7c8fec49d12de9d8ba41f61736d3916c841666ecefa508ce7691a21HP Security Bulletin HPSBST03129 - A potential security vulnerability has been identified with HP StoreFabric B-series switches running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
29cdba50ad78b04a98c9fe494d60a6e306a9c9eeb0944502a88270c9bc2b3672HP Security Bulletin HPSBST03131 - A potential security vulnerability has been identified with certain HP StoreOnce Backup systems running Bash Shell. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. NOTE: Versions of HP StoreOnce Backup software prior to 3.11.4 contain the vulnerable version of Bash. However, HP is unaware of any method that would allow this vulnerability to be exploited on HP StoreOnce Backup systems but is providing an updated version of Bash Shell as a precaution. Revision 1 of this advisory.
4178dafe8e381b36135d2cb121e555aafaf758c401d7f76e00ce10bbf4f709e2HP Security Bulletin HPSBMU03144 - A potential security vulnerability has been identified with HP Operation Agent Virtual Appliance. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.
64edb263b2832abacd7836db8a8ef12dccda691a3aef95347dfd9324eed8d66fHP Security Bulletin HPSBMU03143 - A potential security vulnerability has been identified with HP Virtualization Performance Viewer. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.
794de02c30241366d47f3cc27adf32db27562f26c7bf7597b2338a634f30289eHP Security Bulletin HPSBHF03125 - A potential security vulnerability has been identified with HP Next Generation Firewall (NGFW) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: This vulnerability can only be exploited if the attacker already has valid administrative login credentials. Revision 1 of this advisory.
17f8eddb7283be7cb8ad30c6586d35e371e0c3c28a85f0aa23c2b591cbc0f229HP Security Bulletin HPSBGN03138 - A potential security vulnerability has been identified with HP Operations Analytics. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.
d2c8a68273b5d908b747dd246281eeb694499ac265b53b3dfe1649f854e5e958HP Security Bulletin HPSBMU03133 - A potential security vulnerability has been identified with HP Enterprise Maps Virtual Appliance running the Bash Shell. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
f3d7edeb1d02e9729328450dcfc5c31cb9e6fb021df15dcefe1d8aa97c13b935DNS reverse lookups can be used as a vector of attack for the bash shellshock vulnerability.
f270585f9a138adfc590970e5d69e843b483a83fdff3980b13aa5bef341cd964Apache mod_cgi remote command execution exploit that leverages shellshock.
aa65be966107716b7bbf1adb14837e5908955fc01c55881d0c81e03aed890e9cPostfix SMTP with procmail shellshock exploit that affects versions 4.2.x up through 4.2.48.
2defb18f0a8b00ec8fed37883f8a633b4382c93a3edfdbab3f7778291f08879aCA Technologies is investigating multiple GNU Bash vulnerabilities, referred to as the "Shellshock" vulnerabilities, which were publicly disclosed on September 24-27, 2014. CVE identifiers CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278 have been assigned to these vulnerabilities. These vulnerabilities could allow a local or remote attacker to utilize specially crafted input to execute arbitrary commands or code.
3db7713d504c91a2a12a2610e9cd8a98e74b36f790d1df3c77d0e4b33c6098c5HP Security Bulletin HPSBHF03124 - Potential security vulnerabilities have been identified with certain HP Thin Clients running bash. The vulnerabilities, known as shellshock could be exploited remotely to allow execution of code. Revision 1 of this advisory.
7bec20c1e05d7486cb10a36c31e3d2123d1225efbea951e4b4137db0c1155842HP Security Bulletin HPSBHF03119 2 - A potential security vulnerability has been identified with HP DreamColor Z27x Professional Display running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: Only the HP DreamColor Z27x model is vulnerable. Revision 2 of this advisory.
2a168e564f4b89a286c458982b1a9135992f03cf7a44f3613b8e5d0316184c32This Metasploit module exploits the shellshock vulnerability in apache cgi. It allows you to execute any metasploit payload you want.
a864c843ce6ef903a561a68316c0959dd2b138cad93a26d0f8f6d85e6d98db5dRed Hat Security Advisory 2014-1354-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.
b32eb23a922aaad612775171117381de11c2f5eb28b398659a771dccc74d4d25This Metasploit module exploits the code injection flaw known as shellshock which leverages specially crafted environment variables in Bash. This exploit specifically targets Pure-FTPd when configured to use an external program for authentication.
d1353f15ae7ed9aea8cd6b1644f5fbeada6291338684996bc3b3a388a0f3b2ec
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed