Vulnerability Description
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Bash | <= 4.3 |
| Arista | Eos | >= 4.9.0, < 4.9.12 |
| Oracle | Linux | 4 |
| Qnap | Qts | < 4.1.1 |
| Mageia | Mageia | 3.0 |
| Redhat | Gluster Storage Server For On-Premise | 2.1 |
| Redhat | Virtualization | 3.4 |
| Redhat | Enterprise Linux | 4.0 |
| Redhat | Enterprise Linux Desktop | 5.0 |
| Redhat | Enterprise Linux Eus | 5.9 |
| Redhat | Enterprise Linux For Ibm Z Systems | 5.9_s390x |
| Redhat | Enterprise Linux For Power Big Endian | 5.0_ppc |
| Redhat | Enterprise Linux For Power Big Endian Eus | 6.5_ppc64 |
| Redhat | Enterprise Linux For Scientific Computing | 6.0 |
| Redhat | Enterprise Linux Server | 5.0 |
| Redhat | Enterprise Linux Server Aus | 5.6 |
| Redhat | Enterprise Linux Server From Rhui | 5.0 |
| Redhat | Enterprise Linux Server Tus | 6.5 |
| Redhat | Enterprise Linux Workstation | 5.0 |
| Suse | Studio Onsite | 1.3 |
Related Weaknesses (CWE)
References
- http://advisories.mageia.org/MGASA-2014-0388.html (Third Party Advisory)
- http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html (Broken Link, Third Party Advisory)
- http://jvn.jp/en/jp/JVN55667175/index.html (Vendor Advisory)
- http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126 (Third Party Advisory, VDB Entry, Vendor Advisory)
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673 (Third Party Advisory)
- http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html (Exploit, Issue Tracking, Third Party Advisory)
- http://linux.oracle.com/errata/ELSA-2014-1293.html (Third Party Advisory)
- http://linux.oracle.com/errata/ELSA-2014-1294.html (Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html (Mailing List, Third Party Advisory)
FAQ
What is CVE-2014-6271?
CVE-2014-6271 is a vulnerability with a CVSS score of 9.8 (CRITICAL). GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as...
How severe is CVE-2014-6271?
CVE-2014-6271 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2014-6271?
Check the references section above for vendor advisories and patch information. Affected products include GNU Bash, Arista EOS, Oracle Linux, QNAP QTS and Mageia, among others listed in the table above.