GNU Bash Script Parsing Two Vulnerabilities


Description   Two vulnerabilities have been reported in GNU Bash, where one has an unknown impact and the other can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
1) A boundary error when handling here documents can be exploited to cause a buffer overflow.
Successful exploitation of this vulnerability may allow execution of arbitrary code.
2) An off-by-one error when handling nested flow control structures can be exploited to cause a buffer overflow.
The vulnerabilities are reported in versions 3.2 through 4.3. Other versions may also be affected.
     
Vulnerable Products   Vulnerable Software:
GNU Bash 3.xGNU bash 4.x
     
Solution   Apply patch.
     
CVE   CVE-2014-7187
CVE-2014-7186
     
References   GNU Bash:
http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-028
http://ftp.gnu.org/gnu/bash/bash-4.2-patches/bash42-051
http://ftp.gnu.org/gnu/bash/bash-4.1-patches/bash41-015
http://ftp.gnu.org/gnu/bash/bash-4.0-patches/bash40-042
http://ftp.gnu.org/gnu/bash/bash-3.2-patches/bash32-055
http://ftp.gnu.org/gnu/bash/bash-3.1-patches/bash31-021
http://ftp.gnu.org/gnu/bash/bash-3.0-patches/bash30-020
http://ftp.gnu.org/gnu/bash/bash-2.05b-patches/bash205b-011
Florian Weimer:
http://seclists.org/oss-sec/2014/q3/712
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
bash Shellshock dhcp vulnerability CVE-2014-6271
5.0.0
bash Shellshock web vulnerability CVE-2014-6271
5.0.0
bash Shellshock SIP vulnerability CVE-2014-6271
5.0.0
bash Shellshock ftp vulnerability CVE-2014-6271
5.0.0
bash Shellshock smtp vulnerability CVE-2014-6271
5.0.0
     


 
 
 
 
 Risk level 
High 

 Vulnerability First Public Report Date 
2014-09-30 

 Target Type 
Server 

 Possible exploit 
Remote