Vulnerability Description
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
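The vectors named above all share one shape: an untrusted string is placed in an environment variable and then handed to bash across a privilege boundary, and a vulnerable bash treats any value beginning with `() {` as a function definition (this CVE is the case where it kept parsing past the closing brace). The example below is added here and is not part of the CVE record or of any vendor's fix; it shows the defender's side, a filter for environment values before they cross such a boundary and a scan of CGI access-log fields for the same prefix. The regex, the combined-log parser and the sample log lines are assumptions of this example.

```python
import re

# A bash function export is a value that starts with "() {"; an untrusted
# value with that prefix is suspicious whatever follows it. The regex is an
# assumption of this example, modelled on public IDS/WAF signatures.
FUNCTION_EXPORT = re.compile(r"^\s*\(\)\s*\{")

def looks_like_function_export(value: str) -> bool:
    """True if a vulnerable bash would parse this value as a function."""
    return bool(FUNCTION_EXPORT.match(value))

def sanitize_env(env: dict) -> tuple:
    """Filter an environment before passing it to a process that may run
    bash (CGI wrapper, ForceCommand helper). Returns (clean, rejected)."""
    clean, rejected = {}, []
    for name, value in env.items():
        if looks_like_function_export(value):
            rejected.append(name)
        else:
            clean[name] = value
    return clean, rejected

# Apache combined log format. Request headers are what mod_cgi copies into
# HTTP_* environment variables, so Referer and User-Agent are the fields
# most worth scanning in retrospect.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>[^"]*)" '
                    r'\d+ \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$')

def scan_log_lines(lines):
    """Return (client_ip, field) for every request whose Referer or
    User-Agent would reach bash looking like a function definition."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        for field in ("ref", "ua"):
            if looks_like_function_export(m.group(field)):
                hits.append((m.group("ip"), field))
    return hits

# Constructed sample lines (RFC 5737 documentation addresses), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Sep/2014:10:00:01 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [25/Sep/2014:10:00:02 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "() { :;}; true"',
    '203.0.113.4 - - [25/Sep/2014:10:00:03 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "() { ignored; }" "curl/7.37"',
]

if __name__ == "__main__":
    print(scan_log_lines(SAMPLE_LOG))
```

The prefix check flags the CVE-2014-6271 and CVE-2014-7169 shapes alike, since both begin the same way; patching bash remains the fix, this only reduces exposure and aids triage.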
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Bash | <= 4.3 |
| Arista | Eos | >= 4.9.0, < 4.9.12 |
| Oracle | Linux | 4 |
| Qnap | Qts | < 4.1.1 |
| Mageia | Mageia | 3.0 |
| Redhat | Gluster Storage Server For On-Premise | 2.1 |
| Redhat | Virtualization | 3.4 |
| Redhat | Enterprise Linux | 4.0 |
| Redhat | Enterprise Linux Desktop | 5.0 |
| Redhat | Enterprise Linux Eus | 5.9 |
| Redhat | Enterprise Linux For Ibm Z Systems | 5.9_s390x |
| Redhat | Enterprise Linux For Power Big Endian | 5.0_ppc |
| Redhat | Enterprise Linux For Power Big Endian Eus | 6.5_ppc64 |
| Redhat | Enterprise Linux For Scientific Computing | 6.0 |
| Redhat | Enterprise Linux Server | 5.0 |
| Redhat | Enterprise Linux Server Aus | 5.6 |
| Redhat | Enterprise Linux Server From Rhui | 5.0 |
| Redhat | Enterprise Linux Server Tus | 6.5 |
| Redhat | Enterprise Linux Workstation | 5.0 |
| Suse | Studio Onsite | 1.3 |
References
- http://advisories.mageia.org/MGASA-2014-0393.html (Third Party Advisory)
- http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html (Broken Link)
- http://jvn.jp/en/jp/JVN55667175/index.html (Third Party Advisory)
- http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126 (Third Party Advisory, VDB Entry)
- http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html (Third Party Advisory)
- http://linux.oracle.com/errata/ELSA-2014-1306.html (Third Party Advisory)
- http://linux.oracle.com/errata/ELSA-2014-3075.html (Third Party Advisory)
- http://linux.oracle.com/errata/ELSA-2014-3077.html (Third Party Advisory)
- http://linux.oracle.com/errata/ELSA-2014-3078.html (Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html (Mailing List, Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html (Mailing List, Third Party Advisory)
FAQ
What is CVE-2014-7169?
CVE-2014-7169 is a vulnerability with a CVSS score of 9.8 (CRITICAL). GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment. It exists because of an incomplete fix for CVE-2014-6271.
How severe is CVE-2014-7169?
CVE-2014-7169 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2014-7169?
Check the references section above for vendor advisories and patch information. Affected products include GNU Bash, Arista EOS, Oracle Linux, QNAP QTS and Mageia, among others listed in the table above.