
CVE-2014-6278

Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)

Severity Score (CVSS v2): 10.0
Exploit Likelihood (EPSS):
Affected Versions (CPE):
Public Exploits (Multiple Sources): 5
Exploited in Wild (KEV): -
Decision (SSVC): -
Descriptions

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.


DNS reverse lookups can also serve as an attack vector for the Bash Shellshock vulnerability.

Credits: N/A

CVSS Scores (Common Vulnerability Scoring System)
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete

SSVC (Organization's Worst-case Scenario)
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
Timeline
  • 2014-09-09 CVE Reserved
  • 2014-09-29 First Exploit
  • 2014-09-30 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-09-28 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (113)
URL Tag Source
http://jvn.jp/en/jp/JVN55667175/index.html Third Party Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126 Third Party Advisory
http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html X_refsource_misc
http://linux.oracle.com/errata/ELSA-2014-3093 X_refsource_confirm
http://linux.oracle.com/errata/ELSA-2014-3094 X_refsource_confirm
http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html X_refsource_misc
http://packetstormsecurity.com/files/137344/Sun-Secure-Global-Desktop-Oracle-Global-Desktop-Shellshock.html X_refsource_misc
http://secunia.com/advisories/58200 Third Party Advisory
http://secunia.com/advisories/59907 Third Party Advisory
http://secunia.com/advisories/59961 Third Party Advisory
http://secunia.com/advisories/60024 Third Party Advisory
http://secunia.com/advisories/60034 Third Party Advisory
http://secunia.com/advisories/60044 Third Party Advisory
http://secunia.com/advisories/60055 Third Party Advisory
http://secunia.com/advisories/60063 Third Party Advisory
http://secunia.com/advisories/60193 Third Party Advisory
http://secunia.com/advisories/60325 Third Party Advisory
http://secunia.com/advisories/60433 Third Party Advisory
http://secunia.com/advisories/61065 Third Party Advisory
http://secunia.com/advisories/61128 Third Party Advisory
http://secunia.com/advisories/61129 Third Party Advisory
http://secunia.com/advisories/61283 Third Party Advisory
http://secunia.com/advisories/61287 Third Party Advisory
http://secunia.com/advisories/61291 Third Party Advisory
http://secunia.com/advisories/61312 Third Party Advisory
http://secunia.com/advisories/61313 Third Party Advisory
http://secunia.com/advisories/61328 Third Party Advisory
http://secunia.com/advisories/61442 Third Party Advisory
http://secunia.com/advisories/61471 Third Party Advisory
http://secunia.com/advisories/61485 Third Party Advisory
http://secunia.com/advisories/61503 Third Party Advisory
http://secunia.com/advisories/61550 Third Party Advisory
http://secunia.com/advisories/61552 Third Party Advisory
http://secunia.com/advisories/61565 Third Party Advisory
http://secunia.com/advisories/61603 Third Party Advisory
http://secunia.com/advisories/61633 Third Party Advisory
http://secunia.com/advisories/61641 Third Party Advisory
http://secunia.com/advisories/61643 Third Party Advisory
http://secunia.com/advisories/61654 Third Party Advisory
http://secunia.com/advisories/61703 Third Party Advisory
http://secunia.com/advisories/61780 Third Party Advisory
http://secunia.com/advisories/61816 Third Party Advisory
http://secunia.com/advisories/61857 Third Party Advisory
http://secunia.com/advisories/62312 Third Party Advisory
http://secunia.com/advisories/62343 Third Party Advisory
http://support.novell.com/security/cve/CVE-2014-6278.html X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21685541 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21685604 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21685733 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21685749 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21685914 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21686131 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21686246 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21686445 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21686479 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21686494 X_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21687079 X_refsource_confirm
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315 X_refsource_confirm
http://www.novell.com/support/kb/doc.php?id=7015721 X_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html X_refsource_confirm
http://www.qnap.com/i/en/support/con_show.php?cid=61 X_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2014-0010.html X_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1147414 X_refsource_confirm
https://kb.bluecoat.com/index?page=content&id=SA82 X_refsource_confirm
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648 X_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10085 X_refsource_confirm
https://security-tracker.debian.org/tracker/CVE-2014-6278 X_refsource_confirm
https://support.citrix.com/article/CTX200217 X_refsource_confirm
https://support.citrix.com/article/CTX200223 X_refsource_confirm
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html X_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075 X_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183 X_refsource_confirm
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts X_refsource_confirm
https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006 X_refsource_misc
https://www.suse.com/support/shellshock X_refsource_confirm
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html 2021-11-17
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html 2021-11-17
http://marc.info/?l=bugtraq&m=141330468527613&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141345648114150&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141383026420882&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141383081521087&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141383196021590&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141383244821813&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141383304022067&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141383353622268&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141383465822787&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141450491804793&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141576728022234&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141577137423233&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141577241923505&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141577297623641&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141585637922673&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=141879528318582&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=142118135300698&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=142358026505815&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=142358078406056&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=142721162228379&w=2 2021-11-17
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash 2021-11-17
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164 2021-11-17
http://www.ubuntu.com/usn/USN-2380-1 2021-11-17
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Gnu Bash 1.14.0 - Affected
Gnu Bash 1.14.1 - Affected
Gnu Bash 1.14.2 - Affected
Gnu Bash 1.14.3 - Affected
Gnu Bash 1.14.4 - Affected
Gnu Bash 1.14.5 - Affected
Gnu Bash 1.14.6 - Affected
Gnu Bash 1.14.7 - Affected
Gnu Bash 2.0 - Affected
Gnu Bash 2.01 - Affected
Gnu Bash 2.01.1 - Affected
Gnu Bash 2.02 - Affected
Gnu Bash 2.02.1 - Affected
Gnu Bash 2.03 - Affected
Gnu Bash 2.04 - Affected
Gnu Bash 2.05 - Affected
Gnu Bash 2.05 a Affected
Gnu Bash 2.05 b Affected
Gnu Bash 3.0 - Affected
Gnu Bash 3.0.16 - Affected
Gnu Bash 3.1 - Affected
Gnu Bash 3.2 - Affected
Gnu Bash 3.2.48 - Affected
Gnu Bash 4.0 - Affected
Gnu Bash 4.0 rc1 Affected
Gnu Bash 4.1 - Affected
Gnu Bash 4.2 - Affected
Gnu Bash 4.3 - Affected