- Home
- CVEs with nessus.description==GNU Bash through 4.3 processes trailing strings after function
definitions in the values of environment variables, which allows
remote attackers to execute arbitrary code via a crafted environment,
as demonstrated by vectors involving the ForceCommand feature in
OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP
Server, scripts executed by unspecified DHCP clients, and other
situations in which setting the environment occurs across a privilege
boundary from Bash execution.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top