HomePentest-Tools.com Logo

GNU Bash Environment Variable Handling RCE Vulnerability (Shellshock, Linux/Unix SSH Login, CVE-2014-7186) - Active Check

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

GNU Bash is prone to a remote command execution (RCE) vulnerability dubbed Shellshock.

Risk description

GNU bash contains a flaw that is triggered when evaluating untrusted input during stacked redirects handling. Successful exploitation will allow remote or local attackers to inject shell commands, allowing local privilege escalation or remote command execution depending on the application vector.

Recommendation

Apply the appropriate patch provided by the vendor.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Sep 28, 2014
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available