CVE-2014-6277
Vulnerability from cvelistv5
Published
2014-09-27 22:00
Modified
2024-08-06 12:10
Severity ?
EPSS score ?
Summary
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T12:10:13.286Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "HPSBMU03165", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-3093", }, { name: "SSRT101819", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "HPSBMU03245", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "JVN#55667175", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "60433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60433", }, { name: "HPSBMU03143", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "HPSBST03155", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "61283", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61283", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "61654", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61654", }, { name: "USN-2380-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2380-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62312", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "SSRT101868", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61703", }, { name: "61065", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61065", }, { name: "HPSBST03129", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "JVNDB-2014-000126", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "61641", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61641", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { name: "SUSE-SU-2014:1287", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "MDVSA-2015:164", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205267", }, { name: "HPSBMU03220", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60325", }, { name: "60024", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60024", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html", }, { name: "20140926 GNU Bash Environment Variable Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "62343", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62343", }, { name: "61565", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61565", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.suse.com/support/shellshock/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/HT204244", }, { name: "HPSBST03157", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61313", }, { name: "SSRT101830", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142289270617409&w=2", }, { name: "SSRT101742", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61485", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61485", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { name: "HPSBST03154", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61312", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-3094", }, { name: "60193", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60193", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "60063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60063", }, { name: "60034", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60034", }, { name: "59907", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59907", }, { name: "58200", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61643", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61503", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "HPSBMU03236", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142289270617409&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "HPSBHF03145", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "61552", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61552", }, { name: "61780", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61780", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX200223", }, { name: "HPSBGN03138", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "60044", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60044", }, { name: "61291", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61291", }, { name: "HPSBHF03125", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "61287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101739", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "APPLE-SA-2015-01-27-4", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html", }, { name: "HPSBGN03141", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "61128", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61128", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61471", }, { name: "60055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60055", }, { name: "59961", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59961", }, { name: "61550", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61550", }, { name: "61633", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61633", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.novell.com/security/cve/CVE-2014-6277.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "61328", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61328", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61129", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61129", }, { name: "61603", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61603", }, { name: "61857", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61857", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-09-27T00:00:00", descriptions: [ { lang: "en", value: "GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-08-08T09:57:01", orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", shortName: "debian", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "HPSBMU03165", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-3093", }, { name: "SSRT101819", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "HPSBMU03245", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "JVN#55667175", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "60433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60433", }, { name: "HPSBMU03143", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "HPSBST03155", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "61283", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61283", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "61654", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61654", }, { name: "USN-2380-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2380-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62312", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "SSRT101868", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61703", }, { name: "61065", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61065", }, { name: "HPSBST03129", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "JVNDB-2014-000126", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "61641", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61641", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { name: "SUSE-SU-2014:1287", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "MDVSA-2015:164", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205267", }, { name: "HPSBMU03220", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60325", }, { name: "60024", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60024", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { tags: [ "x_refsource_MISC", ], url: "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html", }, { name: "20140926 GNU Bash Environment Variable Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "62343", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62343", }, { name: "61565", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61565", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.suse.com/support/shellshock/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/HT204244", }, { name: "HPSBST03157", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61313", }, { name: "SSRT101830", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142289270617409&w=2", }, { name: "SSRT101742", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61485", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61485", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { name: "HPSBST03154", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61312", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-3094", }, { name: "60193", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60193", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "60063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60063", }, { name: "60034", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60034", }, { name: "59907", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59907", }, { name: "58200", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61643", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61503", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "HPSBMU03236", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142289270617409&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "HPSBHF03145", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "61552", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61552", }, { name: "61780", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61780", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX200223", }, { name: "HPSBGN03138", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "60044", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60044", }, { name: "61291", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61291", }, { name: "HPSBHF03125", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "61287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101739", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "APPLE-SA-2015-01-27-4", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html", }, { name: "HPSBGN03141", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "61128", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61128", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61471", }, { name: "60055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60055", }, { name: "59961", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59961", }, { name: "61550", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61550", }, { name: "61633", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61633", }, { tags: [ "x_refsource_MISC", ], url: "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.novell.com/security/cve/CVE-2014-6277.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "61328", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61328", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61129", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61129", }, { name: "61603", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61603", }, { name: "61857", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61857", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@debian.org", ID: "CVE-2014-6277", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "HPSBMU03165", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", refsource: "CONFIRM", url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3093", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3093", }, { name: "SSRT101819", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "HPSBMU03245", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "JVN#55667175", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "60433", refsource: "SECUNIA", url: "http://secunia.com/advisories/60433", }, { name: "HPSBMU03143", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "HPSBST03155", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", refsource: "SECUNIA", url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", refsource: "SECUNIA", url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "61283", refsource: "SECUNIA", url: "http://secunia.com/advisories/61283", }, { name: "APPLE-SA-2015-09-30-3", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "61654", refsource: "SECUNIA", url: "http://secunia.com/advisories/61654", }, { name: "USN-2380-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2380-1", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", refsource: "SECUNIA", url: "http://secunia.com/advisories/62312", }, { name: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", refsource: "CONFIRM", url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "SSRT101868", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", refsource: "SECUNIA", url: "http://secunia.com/advisories/61703", }, { name: "61065", refsource: "SECUNIA", url: "http://secunia.com/advisories/61065", }, { name: "HPSBST03129", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "JVNDB-2014-000126", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "61641", refsource: "SECUNIA", url: "http://secunia.com/advisories/61641", }, { name: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", refsource: "CONFIRM", url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { name: "SUSE-SU-2014:1287", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "MDVSA-2015:164", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "https://support.apple.com/HT205267", refsource: "CONFIRM", url: "https://support.apple.com/HT205267", }, { name: "HPSBMU03220", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", refsource: "SECUNIA", url: "http://secunia.com/advisories/60325", }, { name: "60024", refsource: "SECUNIA", url: "http://secunia.com/advisories/60024", }, { name: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html", refsource: "MISC", url: "http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html", }, { name: "20140926 GNU Bash Environment Variable Command Injection Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "62343", refsource: "SECUNIA", url: "http://secunia.com/advisories/62343", }, { name: "61565", refsource: "SECUNIA", url: "http://secunia.com/advisories/61565", }, { name: "https://www.suse.com/support/shellshock/", refsource: "CONFIRM", url: "https://www.suse.com/support/shellshock/", }, { name: "http://support.apple.com/HT204244", refsource: "CONFIRM", url: "http://support.apple.com/HT204244", }, { name: "HPSBST03157", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", refsource: "SECUNIA", url: "http://secunia.com/advisories/61313", }, { name: "SSRT101830", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142289270617409&w=2", }, { name: "SSRT101742", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61485", refsource: "SECUNIA", url: "http://secunia.com/advisories/61485", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { name: "HPSBST03154", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", refsource: "SECUNIA", url: "http://secunia.com/advisories/61312", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3094", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3094", }, { name: "60193", refsource: "SECUNIA", url: "http://secunia.com/advisories/60193", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "60063", refsource: "SECUNIA", url: "http://secunia.com/advisories/60063", }, { name: "60034", refsource: "SECUNIA", url: "http://secunia.com/advisories/60034", }, { name: "59907", refsource: "SECUNIA", url: "http://secunia.com/advisories/59907", }, { name: "58200", refsource: "SECUNIA", url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", refsource: "SECUNIA", url: "http://secunia.com/advisories/61643", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015721", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", refsource: "SECUNIA", url: "http://secunia.com/advisories/61503", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "HPSBMU03236", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142289270617409&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "HPSBHF03145", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { name: "http://www.qnap.com/i/en/support/con_show.php?cid=61", refsource: "CONFIRM", url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "61552", refsource: "SECUNIA", url: "http://secunia.com/advisories/61552", }, { name: "61780", refsource: "SECUNIA", url: "http://secunia.com/advisories/61780", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { name: "https://support.citrix.com/article/CTX200223", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX200223", }, { name: "HPSBGN03138", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "60044", refsource: "SECUNIA", url: "http://secunia.com/advisories/60044", }, { name: "61291", refsource: "SECUNIA", url: "http://secunia.com/advisories/61291", }, { name: "HPSBHF03125", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "61287", refsource: "SECUNIA", url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101739", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "APPLE-SA-2015-01-27-4", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html", }, { name: "HPSBGN03141", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "61128", refsource: "SECUNIA", url: "http://secunia.com/advisories/61128", }, { name: "https://support.citrix.com/article/CTX200217", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", refsource: "SECUNIA", url: "http://secunia.com/advisories/61471", }, { name: "60055", refsource: "SECUNIA", url: "http://secunia.com/advisories/60055", }, { name: "59961", refsource: "SECUNIA", url: "http://secunia.com/advisories/59961", }, { name: "61550", refsource: "SECUNIA", url: "http://secunia.com/advisories/61550", }, { name: "61633", refsource: "SECUNIA", url: "http://secunia.com/advisories/61633", }, { name: "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html", refsource: "MISC", url: "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { name: "http://support.novell.com/security/cve/CVE-2014-6277.html", refsource: "CONFIRM", url: "http://support.novell.com/security/cve/CVE-2014-6277.html", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA82", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "61328", refsource: "SECUNIA", url: "http://secunia.com/advisories/61328", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61129", refsource: "SECUNIA", url: "http://secunia.com/advisories/61129", }, { name: "61603", refsource: "SECUNIA", url: "http://secunia.com/advisories/61603", }, { name: "61857", refsource: "SECUNIA", url: "http://secunia.com/advisories/61857", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", assignerShortName: "debian", cveId: "CVE-2014-6277", datePublished: "2014-09-27T22:00:00", dateReserved: "2014-09-09T00:00:00", dateUpdated: "2024-08-06T12:10:13.286Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2014-6277\",\"sourceIdentifier\":\"security@debian.org\",\"published\":\"2014-09-27T22:55:02.660\",\"lastModified\":\"2024-11-21T02:14:04.890\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.\"},{\"lang\":\"es\",\"value\":\"GNU Bash hasta 4.3 bash43-026 no analiza debidamente las definiciones de funciones en los valores de las variables de entornos, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (acceso a memoria no inicializada, y operaciones de leer y escribir de puntero no confiables) a través de un entorno manipulado, como fue demostrado por vectores que involucran la característica ForceCommand en OpenSSH sshd, los módulos mod_cgi y mod_cgid en el servidor de Apache HTTP , secuencias de comandos ejecutados por clientes DHCP no especificados, y otras situaciones en que la configuración del entorno ocurre cruzando un límite de privilegios de la ejecución de Bash. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-6271 y CVE-2014-7169.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:1.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCAC75DF-FFF7-4721-9D47-6E29A5CCB7C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:1.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCF4B4BB-C5A0-4283-9657-FC61BC95C014\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:1.14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B04CBBD-E855-48D7-A5C9-AEC2B38FF1F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:1.14.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"972BDA0A-25C8-4C02-8624-07D2462C214C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:1.14.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B9EDE56-A8C4-40A8-9D14-F6E86F464BD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:1.14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAB4B8E1-E013-4DB5-AF65-70CC2AEC3B20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:1.14.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5428D5A-7443-4BDD-9690-E44DBDBCAC9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:1.14.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18A6E8C3-334D-443B-8AD6-F8A131490F4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C74DAE6-8A77-47BF-B3ED-D76CD5AD75BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:2.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B631B7E-C59D-444F-80CE-DC2345A56E97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:2.01.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91C8E637-AD10-4854-AD60-A908D017DDA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:2.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75AB7456-89E4-4F40-82D0-EED52CAEE670\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:2.02.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7E516F7-B6C6-4A0B-90F4-BC0F382E62E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:2.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E37A5D0-79EB-442D-B4B8-49F5137A3FA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:2.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE919509-57B0-4D13-9503-943D5BFED620\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:2.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F027515-A126-4899-B78E-121C8312002F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:2.05:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC05A483-FAFD-4C40-85BC-D2EE907B2B54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:2.05:b:*:*:*:*:*:*\",\"matchCriteriaId\":\"097C61C9-4761-4D8F-9590-376FC1A5522B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCA81069-36E0-4035-B31F-A5281E10C760\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:3.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC216C39-2EA0-4B58-87EA-81A737E5D2E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88731DFF-B0B1-4325-A662-287D5E6E7265\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7BB3ECE-0E83-45EB-AC27-BA29E2C52D1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:3.2.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FA313D8-2B28-4C73-A96B-7814C37F0725\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43630818-4A62-4766-AADC-AB87BE1C5553\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:4.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"202B9DB4-80DC-4D1C-8DA8-C06E89FF542A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37CB667F-26C8-46FA-81CE-1F6909AC006D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"755984AB-D061-45F0-8845-D7B78BA506E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:bash:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC1DAC9F-711C-47EA-9BBC-0EDB2AF0A1AC\"}]}]}],\"references\":[{\"url\":\"http://jvn.jp/en/jp/JVN55667175/index.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126\",\"source\":\"security@debian.org\"},{\"url\":\"http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html\",\"source\":\"security@debian.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-3093\",\"source\":\"security@debian.org\"},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-3094\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141330468527613&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141345648114150&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383026420882&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383081521087&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383196021590&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383244821813&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383304022067&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383353622268&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383465822787&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141450491804793&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141576728022234&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141577137423233&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141577241923505&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141577297623641&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141585637922673&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142289270617409&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142289270617409&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142358078406056&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"security@debian.org\"},{\"url\":\"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/58200\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/59907\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/59961\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/60024\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/60034\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/60044\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/60055\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/60063\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/60193\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/60325\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/60433\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61065\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61128\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61129\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61283\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61287\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61291\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61312\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61313\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61328\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61442\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61471\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61485\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61503\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61550\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61552\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61565\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61603\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61633\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61641\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61643\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61654\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61703\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61780\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61816\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/61857\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/62312\",\"source\":\"security@debian.org\"},{\"url\":\"http://secunia.com/advisories/62343\",\"source\":\"security@debian.org\"},{\"url\":\"http://support.apple.com/HT204244\",\"source\":\"security@debian.org\"},{\"url\":\"http://support.novell.com/security/cve/CVE-2014-6277.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685541\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685604\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685733\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685749\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685914\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686131\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686246\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686445\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686479\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686494\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21687079\",\"source\":\"security@debian.org\"},{\"url\":\"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:164\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.novell.com/support/kb/doc.php?id=7015721\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.qnap.com/i/en/support/con_show.php?cid=61\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2380-1\",\"source\":\"security@debian.org\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2014-0010.html\",\"source\":\"security@debian.org\"},{\"url\":\"https://kb.bluecoat.com/index?page=content&id=SA82\",\"source\":\"security@debian.org\"},{\"url\":\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648\",\"source\":\"security@debian.org\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content&id=SB10085\",\"source\":\"security@debian.org\"},{\"url\":\"https://support.apple.com/HT205267\",\"source\":\"security@debian.org\"},{\"url\":\"https://support.citrix.com/article/CTX200217\",\"source\":\"security@debian.org\"},{\"url\":\"https://support.citrix.com/article/CTX200223\",\"source\":\"security@debian.org\"},{\"url\":\"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html\",\"source\":\"security@debian.org\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075\",\"source\":\"security@debian.org\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183\",\"source\":\"security@debian.org\"},{\"url\":\"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts\",\"source\":\"security@debian.org\"},{\"url\":\"https://www.suse.com/support/shellshock/\",\"source\":\"security@debian.org\"},{\"url\":\"http://jvn.jp/en/jp/JVN55667175/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-3093\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-3094\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141330468527613&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141345648114150&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383026420882&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383081521087&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383196021590&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383244821813&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383304022067&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383353622268&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141383465822787&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141450491804793&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141576728022234&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141577137423233&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141577241923505&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141577297623641&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141585637922673&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=141879528318582&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142118135300698&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142289270617409&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142289270617409&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142358026505815&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142358078406056&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=142721162228379&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/58200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/59907\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/59961\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60024\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60034\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60044\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60063\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60193\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60325\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60433\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61065\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61128\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61129\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61283\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61287\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61313\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61328\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61442\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61471\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61485\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61503\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61550\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61552\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61565\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61603\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61633\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61641\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61643\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61654\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61780\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/61857\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/62312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/62343\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/HT204244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.novell.com/security/cve/CVE-2014-6277.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685541\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685604\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685733\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685749\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21685914\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686131\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686246\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686445\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686494\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21687079\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:164\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/support/kb/doc.php?id=7015721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.qnap.com/i/en/support/con_show.php?cid=61\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2380-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2014-0010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kb.bluecoat.com/index?page=content&id=SA82\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content&id=SB10085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT205267\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.citrix.com/article/CTX200217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.citrix.com/article/CTX200223\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.suse.com/support/shellshock/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.