what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

CVE-2014-6278

Status Candidate

Overview

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.

Related Files

Sun Secure Global Desktop / Oracle Global Desktop Shellshock
Posted Jun 7, 2016
Authored by lastc0de

Sun Secure Global Desktop and Oracle Global Desktop version 4.61.915 remote shellshock code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2014-6278
SHA-256 | 35ec240c60b7255eaaf64467d8712fa76be5b375b7a5237d5221f43ac829bf35
Cisco UCS Manager 2.1(1b) Shellshock
Posted Mar 17, 2016
Authored by thatchriseckert

Cisco UCS Manager version 2.1(1b) shellshock exploit that spawns a connect-back shell.

tags | exploit, shell
systems | cisco
advisories | CVE-2014-6278
SHA-256 | 8e555e4314339995e576394135e468491a5591e41f42cc88f61d026cdbae0718
Xpl-SHELLSHOCK-Ch3ck Shellshock Vulnerability Scanner
Posted May 3, 2015
Authored by Cleiton Pinheiro

PHP script that leverages user agents to scan for the shellshock vulnerability.

tags | tool, scanner, php
systems | unix
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | c3fb3a101c43ddb2ec35601038641d0e74080bb19c7ab688fea8961529e512d4
HP Security Bulletin HPSBMU03220 1
Posted Mar 24, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03220 1 - Potential security vulnerabilities have been identified with HP Shunra Network Appliance / HP Shunra Wildcat Appliance running Bash Shell. The vulnerabilities, known as "Shellshock", could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
SHA-256 | a6123d5b851b138a543e987a040efe52fa0e792954adbdefa8c34b543cc021b7
HP Security Bulletin HPSBMU03246 1
Posted Feb 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03246 1 - Potential security vulnerabilities have been identified with HP Insight Control for Linux Central Management Server Pre-boot Execution Environment that could be exploited remotely resulting in Denial of Service (DoS), disclosure of information, and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-7196
SHA-256 | 3bc364eb213e9861d4e21588302ac46a9d28eaf2ef45b15cfb72ed924b71144e
HP Security Bulletin HPSBMU03245 1
Posted Feb 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03245 1 - Potential security vulnerabilities have been identified with HP Insight Control server deployment Linux Preboot Execution Environment that could be exploited remotely resulting in Denial of Service (DoS), disclosure of information, and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 547a09874ba71ce03f8459976cd14cc2cb14970581a4d419a52cee64bf714d9e
HP Security Bulletin HPSBGN03233 1
Posted Jan 14, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03233 1 - Potential security vulnerabilities have been identified with HP OneView running OpenSSL and Bash Shell. These vulnerabilities (POODLE and Shellshock) could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, shell, vulnerability, bash
advisories | CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 4b877dbe7e357236881b287abc3a3f36c78913bccdc7212120a575f1c5a5650e
HP Security Bulletin HPSBMU03217 1
Posted Dec 17, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03217 1 - A potential security vulnerability has been identified with HP Vertica. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
SHA-256 | bba781db0ea6237d24c41632509ea14fbeb0e32ee6e7ac09ab25b8319078c862
HP Security Bulletin HPSBST03154 2
Posted Dec 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03154 2 - A potential security vulnerability has been identified with HP StoreFabric C-series MDS switches and HP C-series Nexus 5K switches running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 2 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 1fd37f9427784b3b37be04b743ed2eb89dd0ff93ce83329650327ceec8f74b04
HP Security Bulletin HPSBMU03182 1
Posted Nov 13, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03182 1 - A potential security vulnerability has been identified with HP Server Automation. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
SHA-256 | 2c7547ad37486e13bbfb803f26b54786b2666a0d9a0dc7130cbe590247c0434c
HP Security Bulletin HPSBST03155 1
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03155 1 - A potential security vulnerability has been identified with HP StoreFabric H-series switches running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | f3dcc135fd2c1cf8a1c5df3a69efd02a182cdabdb8e9370883499a6a98eeecfc
HP Security Bulletin HPSBST03154 1
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03154 1 - A potential security vulnerability has been identified with HP StoreFabric C-series MDS switches and HP C-series Nexus 5K switches running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | f9534957739ab8f3e7e9de8f9c4bf5789882431d3a5cde51340596d597abe334
HP Security Bulletin HPSBST03181 1
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03181 1 - A potential security vulnerability has been identified with HP StoreEver ESL G3 Tape Library. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | cbb07b428d53f1c1557655cd70c5d064f9bc9d949a6557331a6e0111d76d716b
HP Security Bulletin HPSBHF03124 2
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03124 2 - Potential security vulnerabilities have been identified with certain HP Thin Clients running Bash Shell. The vulnerabilities, known as "Shellshock", could be exploited remotely to allow execution of code. Revision 2 of this advisory.

tags | advisory, shell, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
SHA-256 | c8f6d879ddf7cc323158feb1bb78035393d71910932a07f1d6aa7f0deabbcef6
HP Security Bulletin HPSBMU03165 1
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03165 1 - A potential security vulnerability has been identified with HP Propel. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
SHA-256 | 993d69d889cb57ea4e97b5967566ea9fa56baaa30d0ca057ac83149e29c4add3
CUPS Filter Bash Environment Variable Code Injection
Posted Oct 28, 2014
Authored by Michal Zalewski, Stephane Chazelas | Site metasploit.com

This Metasploit module exploits a post-auth code injection in specially crafted environment variables in Bash, specifically targeting CUPS filters through the PRINTER_INFO and PRINTER_LOCATION variables by default.

tags | exploit, bash
advisories | CVE-2014-6271, CVE-2014-6278
SHA-256 | 5a376a0f4e8be0b42906123abc72f100a271655c6310963fc913fc7504861155
HP Security Bulletin HPSBST03157
Posted Oct 27, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03157 - A potential security vulnerability has been identified with HP StoreEver ESL E-series Tape Library and HP Virtual Library System (VLS) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | e9d6c975aaed8023b6f21f043ef708d1380c041f1f05607e46608de48932d0f7
HP Security Bulletin HPSBHF03146
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03146 - A potential security vulnerability has been identified with HP Integrity SD2 CB900s i4 & i2. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169
SHA-256 | 71138975f2ecb9835216b1124791afaa131e7f859aaecdae0c613c524094559d
HP Security Bulletin HPSBHF03145
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03145 - A potential security vulnerability has been identified with HP Integrity Superdome X and HP ConvergedSystem 900 for SAP HANA. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-0224, CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169
SHA-256 | 2fd50d7e08d80f7519616b15757f4e909dcbfe0263378c1519b97902f322248d
HP Security Bulletin HPSBGN03141
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03141 - A potential security vulnerability has been identified with HP Automation Insight. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 24dee4b8f6b5ddb5d65f8c4322c72420242ee64a9c4bb8a0cb9e1a6cbc7f3d0a
HP Security Bulletin HPSBGN03142
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03142 - A potential security vulnerability has been identified with HP Business Service Automation Essentials. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | d574847ce7c8fec49d12de9d8ba41f61736d3916c841666ecefa508ce7691a21
HP Security Bulletin HPSBST03129
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03129 - A potential security vulnerability has been identified with HP StoreFabric B-series switches running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 29cdba50ad78b04a98c9fe494d60a6e306a9c9eeb0944502a88270c9bc2b3672
HP Security Bulletin HPSBMU03144
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03144 - A potential security vulnerability has been identified with HP Operation Agent Virtual Appliance. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 64edb263b2832abacd7836db8a8ef12dccda691a3aef95347dfd9324eed8d66f
HP Security Bulletin HPSBMU03143
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03143 - A potential security vulnerability has been identified with HP Virtualization Performance Viewer. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 794de02c30241366d47f3cc27adf32db27562f26c7bf7597b2338a634f30289e
HP Security Bulletin HPSBHF03125
Posted Oct 16, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03125 - A potential security vulnerability has been identified with HP Next Generation Firewall (NGFW) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: This vulnerability can only be exploited if the attacker already has valid administrative login credentials. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 17f8eddb7283be7cb8ad30c6586d35e371e0c3c28a85f0aa23c2b591cbc0f229
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close