exploit the possibilities
Showing 1 - 25 of 50 RSS Feed

CVE-2014-7169

Status Candidate

Overview

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

Related Files

Xpl-SHELLSHOCK-Ch3ck Shellshock Vulnerability Scanner
Posted May 3, 2015
Authored by Cleiton Pinheiro

PHP script that leverages user agents to scan for the shellshock vulnerability.

tags | tool, scanner, php
systems | unix
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | ea20de95fd9f1afc3959e00818888910
HP Security Bulletin HPSBST03195 1
Posted Apr 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03195 1 - Potential security vulnerabilities have been identified with HP 3PAR Service Processor (SP) running OpenSSL and Bash. The OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of information. The Bash Shell vulnerability known as "Shellshock" which could be exploited remotely resulting in execution of code. Revision 1 of this advisory.

tags | advisory, shell, vulnerability, bash
advisories | CVE-2014-0224, CVE-2014-3566, CVE-2014-6271, CVE-2014-7169
MD5 | a3597b64c42716642c509ae51cfced26
HP Security Bulletin HPSBMU03220 1
Posted Mar 24, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03220 1 - Potential security vulnerabilities have been identified with HP Shunra Network Appliance / HP Shunra Wildcat Appliance running Bash Shell. The vulnerabilities, known as "Shellshock", could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
MD5 | 45b387b5df583f081be056617de348e8
HP Security Bulletin HPSBMU03246 1
Posted Feb 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03246 1 - Potential security vulnerabilities have been identified with HP Insight Control for Linux Central Management Server Pre-boot Execution Environment that could be exploited remotely resulting in Denial of Service (DoS), disclosure of information, and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-7196
MD5 | 9ff3aef951a93cf095f88f94f47b951a
HP Security Bulletin HPSBMU03245 1
Posted Feb 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03245 1 - Potential security vulnerabilities have been identified with HP Insight Control server deployment Linux Preboot Execution Environment that could be exploited remotely resulting in Denial of Service (DoS), disclosure of information, and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | 77f708697e8d950ace5bdd1b02d84713
HP Security Bulletin HPSBGN03233 1
Posted Jan 14, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03233 1 - Potential security vulnerabilities have been identified with HP OneView running OpenSSL and Bash Shell. These vulnerabilities (POODLE and Shellshock) could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, shell, vulnerability, bash
advisories | CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | e0ad1d05802cfd5a9626a34c8b1e2bf6
HP Security Bulletin HPSBOV03228 1
Posted Jan 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03228 1 - A potential security vulnerability has been identified with HP OpenVMS running Bash Shell. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-7169, CVE-2014-7186
MD5 | 8c3fe2ec10e72150d0bb898a23963d2b
HP Security Bulletin HPSBMU03217 1
Posted Dec 17, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03217 1 - A potential security vulnerability has been identified with HP Vertica. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
MD5 | 3f5913c1d1e47345d54f58954e797e3d
HP Security Bulletin HPSBST03154 2
Posted Dec 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03154 2 - A potential security vulnerability has been identified with HP StoreFabric C-series MDS switches and HP C-series Nexus 5K switches running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 2 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | bbd9e2fc809b953e88cd667e06716816
HP Security Bulletin HPSBST03148 1
Posted Nov 26, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03148 1 - A potential security vulnerability has been identified with certain HP StoreOnce Gen 2 Backup systems running Bash Shell. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. NOTE: Versions of HP StoreOnce Gen 2 Backup software prior to 2.3.02 contain the vulnerable version of Bash. However, HP is unaware of any method that would allow this vulnerability to be exploited on HP StoreOnce Gen 2 Backup systems but is providing an updated version of Bash Shell as a precaution. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | fe5f6090052de76ea683bf6bb6bf4ff4
Red Hat Security Advisory 2014-1865-01
Posted Nov 17, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1865-01 - The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell. Bash is the default shell for Red Hat Enterprise Linux. Shift_JIS, also known as "SJIS", is a character encoding for the Japanese language. This package provides bash support for the Shift_JIS encoding. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.

tags | advisory, remote, shell, bash
systems | linux, redhat
advisories | CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | c33414f54b6ec06e7e87343fe4e45a48
HP Security Bulletin HPSBMU03182 1
Posted Nov 13, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03182 1 - A potential security vulnerability has been identified with HP Server Automation. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
MD5 | b47a36f683bf491830911d855c6f1a38
HP Security Bulletin HPSBGN03117 2
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03117 2 - A potential security vulnerability has been identified with HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: The vCAS product is vulnerable only if DHCP is enabled. Revision 2 of this advisory.

tags | advisory, remote, shell, bash
advisories | CVE-2014-6271, CVE-2014-7169
MD5 | 8cd197ae0bc08b73f1a3d28afc1e8b48
HP Security Bulletin HPSBST03155 1
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03155 1 - A potential security vulnerability has been identified with HP StoreFabric H-series switches running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | cee9e866dfa14f72f35220bfb59dc115
HP Security Bulletin HPSBST03154 1
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03154 1 - A potential security vulnerability has been identified with HP StoreFabric C-series MDS switches and HP C-series Nexus 5K switches running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | 391ed1bc0adafb58425b1de7b062ea2c
HP Security Bulletin HPSBST03181 1
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03181 1 - A potential security vulnerability has been identified with HP StoreEver ESL G3 Tape Library. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | 6fde430e8bafb4371955f484d34826e0
HP Security Bulletin HPSBHF03124 2
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03124 2 - Potential security vulnerabilities have been identified with certain HP Thin Clients running Bash Shell. The vulnerabilities, known as "Shellshock", could be exploited remotely to allow execution of code. Revision 2 of this advisory.

tags | advisory, shell, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
MD5 | ec6d6034152d962e6ffbdc9d84e140a5
HP Security Bulletin HPSBMU03165 1
Posted Nov 12, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03165 1 - A potential security vulnerability has been identified with HP Propel. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2104-6277, CVE-2104-6278
MD5 | fcec6b2014de89d2c078219011a562a0
HP Security Bulletin HPSBST03157
Posted Oct 27, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03157 - A potential security vulnerability has been identified with HP StoreEver ESL E-series Tape Library and HP Virtual Library System (VLS) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | 269b487b0234e898889df329a153daac
HP Security Bulletin HPSBHF03146
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03146 - A potential security vulnerability has been identified with HP Integrity SD2 CB900s i4 & i2. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169
MD5 | ec86a2fe4ea3bd03e2bf743a9161cfbc
HP Security Bulletin HPSBHF03145
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03145 - A potential security vulnerability has been identified with HP Integrity Superdome X and HP ConvergedSystem 900 for SAP HANA. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-0224, CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169
MD5 | fc84e703ad22278aaa0ed472da184f16
HP Security Bulletin HPSBGN03141
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03141 - A potential security vulnerability has been identified with HP Automation Insight. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | 1155a8797ff5e2095fb141199aa6cf66
HP Security Bulletin HPSBGN03142
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03142 - A potential security vulnerability has been identified with HP Business Service Automation Essentials. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | ce54e0ad35d5efee5a0d6bb67527c3c9
HP Security Bulletin HPSBST03129
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03129 - A potential security vulnerability has been identified with HP StoreFabric B-series switches running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | db1246885ba33da96903e4c4dc634e98
HP Security Bulletin HPSBST03131
Posted Oct 20, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03131 - A potential security vulnerability has been identified with certain HP StoreOnce Backup systems running Bash Shell. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. NOTE: Versions of HP StoreOnce Backup software prior to 3.11.4 contain the vulnerable version of Bash. However, HP is unaware of any method that would allow this vulnerability to be exploited on HP StoreOnce Backup systems but is providing an updated version of Bash Shell as a precaution. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | 969cfa5db524aadc02c46d4b58316704
Page 1 of 2
Back12Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    14 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close