GNU Bash Shell Function Definitions OS Commands Injection Vulnerability


Description   A vulnerability has been reported in GNU Bash, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error when parsing shell function definitions passed via environment variables and can be exploited to e.g. execute arbitrary shell commands via a specially crafted environment variable value passed to a CGI script via certain HTTP headers.
Note: Reportedly, this is currently being exploited in limited attacks in the wild.
The vulnerability is reported in versions 3.0 through 4.3.
     
Vulnerable Products   Vulnerable Software:
GNU Bash 3.xGNU bash 4.x
     
Solution   Apply patch.
     
CVE   CVE-2014-6271
     
References   GNU Bash:
http://ftp.gnu.org/pub/gnu/bash/bash-3.0-patches/bash30-017
http://ftp.gnu.org/pub/gnu/bash/bash-3.1-patches/bash31-018
http://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052
http://ftp.gnu.org/pub/gnu/bash/bash-4.0-patches/bash40-039
http://ftp.gnu.org/pub/gnu/bash/bash-4.1-patches/bash41-012
http://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-048
http://ftp.gnu.org/pub/gnu/bash/bash-4.3-patches/bash43-025
Red Hat:
http://seclists.org/oss-sec/2014/q3/649
http://seclists.org/oss-sec/2014/q3/650
MITRE:
http://seclists.org/oss-sec/2014/q3/685
Debian:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762760
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762761
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
bash Shellshock dhcp vulnerability CVE-2014-6271
5.0.0
bash Shellshock web vulnerability CVE-2014-6271
5.0.0
bash Shellshock SIP vulnerability CVE-2014-6271
5.0.0
bash Shellshock ftp vulnerability CVE-2014-6271
5.0.0
bash Shellshock smtp vulnerability CVE-2014-6271
5.0.0
     


 
 
 
 
 Risk level 
High 

 Vulnerability First Public Report Date 
2014-09-25 

 Target Type 
Client + Server 

 Possible exploit 
Remote