var-201409-1155
Vulnerability from variot
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271. GNU Bash 4.3 and earlier contains a command injection vulnerability that may allow remote code execution. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Additionally two out-of-bounds array accesses in the bash parser are fixed which were revealed in Red Hat's internal analysis for these issues and also independently reported by Todd Sabin.
For the stable distribution (wheezy), these problems have been fixed in version 4.2+dfsg-0.1+deb7u3.
This vulnerability allows users that have been granted access to a shell script to escalate privilege and execute unrestricted commands at the same security level as the Bash script.
HP Product Firmware Version
HP StoreEver ESL G3 Tape Libraries with MCB version 2 680H_GS40701
HP StoreEver ESL G3 Tape Libraries with MCB version 1 656H_GS10801
The firmware is customer installable and is available in the Drivers, Software & Firmware section at the following location:
http://www.hp.com/support/eslg3
Notes:
- Updating the library firmware requires a reboot of the library.
- If the library firmware cannot be updated, HP recommends following the
Mitigation Instructions below.
Mitigation Instructions
HP recommends the following mitigation steps to reduce the risk of this vulnerability for HP StoreEver ESL G3 Tape Library.
- Disable DHCP and only use static IP addressing. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: bash Shift_JIS security update Advisory ID: RHSA-2014:1865-01 Product: RHEL S-JIS Service Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1865.html Issue date: 2014-11-17 CVE Names: CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 =====================================================================
- Summary:
Updated bash Shift_JIS packages that fix one security issue are now available for Red Hat Enterprise Linux 5.9 Extended Update Support.
Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
SJIS (v. 5.9.z Server) - i386, ia64, x86_64
- Description:
The GNU Bourne Again shell (Bash) is a shell and command language interpreter compatible with the Bourne shell (sh). Bash is the default shell for Red Hat Enterprise Linux.
Shift_JIS, also known as "SJIS", is a character encoding for the Japanese language. This package provides bash support for the Shift_JIS encoding.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables need to be made aware of changes to the way names are handled by this update. Note that certain services, screen sessions, and tmux sessions may need to be restarted, and affected interactive users may need to re-login. Installing these updated packages without restarting services will address the vulnerability, but functionality may be impacted until affected services are restarted. For more information see the Knowledgebase article at https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers, and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the aforementioned Knowledgebase article.
All users who require Shift_JIS encoding support with Bash built-in functions are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Package List:
SJIS (v. 5.9.z Server):
Source: bash-3.2-32.el5_9.3.sjis.1.src.rpm
i386: bash-3.2-32.el5_9.3.sjis.1.i386.rpm bash-debuginfo-3.2-32.el5_9.3.sjis.1.i386.rpm
ia64: bash-3.2-32.el5_9.3.sjis.1.i386.rpm bash-3.2-32.el5_9.3.sjis.1.ia64.rpm bash-debuginfo-3.2-32.el5_9.3.sjis.1.i386.rpm bash-debuginfo-3.2-32.el5_9.3.sjis.1.ia64.rpm
x86_64: bash-3.2-32.el5_9.3.sjis.1.x86_64.rpm bash-debuginfo-3.2-32.el5_9.3.sjis.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-7169 https://access.redhat.com/security/cve/CVE-2014-7186 https://access.redhat.com/security/cve/CVE-2014-7187 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/1200223
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUajscXlSAg2UNWIIRAlnnAJ46tmMAMI0D6YRHybY5HJ7Mv77fIwCguKAJ ZiE90Rp/vQArh9+LpxnTqGI= =iltu -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Please refer to the RESOLUTION section below for a list of impacted products.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7186 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2014-7187 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION HP has made the following updates available to resolve the vulnerability in HP StoreOnce Gen 2 Backup systems. The shell is not accessible via the standard calibration or remote management interfaces.
NOTE: Only the Z27x model is vulnerable. The unit provides Calibration Software running on embedded Linux, which includes a Bash Shell. The software is used for service purposes only.
This bulletin will be revised when the firmware update is released.
Release Date: 2014-10-03 Last Updated: 2014-10-03
Potential Security Impact: Injection of code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP Thin Clients running bash.
References:
CVE-2014-6271 CVE-2014-7169 SSRT101728
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Note: all versions of HP Thin Pro and HP Smart Zero Core operating systems prior to version 5.1.0 are affected by this vulnerability. Following is a complete list of affected operating systems.
HP ThinPro
HP ThinPro 5.0 (released June 2014) HP ThinPro 4.4 (released November 2013) HP ThinPro 4.3 (released June 2013) HP ThinPro 4.2 (released November 2012) HP ThinPro 4.1 (released March 2012) HP ThinPro 3.2 (released November 2010) HP ThinPro 3.1 (released June 2010) HP ThinPro 3.0 (released November 2009) HP ThinPro 2.0 (released 2009) HP ThinPro 1.5 (released 2009) HP ThinPro 1.0 (released 2008)
HP Smart Zero Core
HP Smart Zero Core 5.0 (released June 2014) HP Smart Zero Core 4.4 (released November 2013) HP Smart Zero Core 4.3 (released June 2013) HP Smart Zero Core 4.2 (released November 2012) HP Smart Zero Core 4.1 (released March 2012) HP Smart Zero Core 4.0 (released March 2011)
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10 CVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has released the following software updates to resolve the vulnerability.
Product Affected Product Versions Patch Status
HP ThinPro and HP Smart Zero Core (X86) v5.1.0 and above No update required; the Bash shell patch is incorporated into the base image. If you participated in the ThinPro 5.1.0 beta program upgrade to the release version as soon as it becomes available.
HP ThinPro and HP Smart Zero Core (x86) v5.0.x A component update is currently available through Easy Update as: SecurityUpdate-CVE20146271-CVE20147169-all-5.0-x86.xar . The update can be also downloaded directly from ftp://ftp.hp.com/pub/tcdebian /updates/5.0/service_packs/SecurityUpdate-CVE20146271-CVE20147169-all-5.0-x86 .xar Or via softpaq delivery at: ftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe
HP ThinPro and HP Smart Zero Core (x86) v4.4.x A component update is currently available through Easy Update as: SecurityUpdate-CVE20146271-CVE20147169-all-4.4-x86.xar . Or can be downloaded directly from ftp://ftp.hp.com/pub/tcdebian/updates/4.4/ service_packs/SecurityUpdate-CVE20146271-CVE20147169-all-4.4-x86.xar Or via softpaq delivery at: ftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe
HP ThinPro and HP Smart Zero Core (ARM) v4.4.x A component update is currently available through Easy Update as: SecurityUpdate-CVE20146271-CVE20147169-all-4.4-arm.xar . Or can be downloaded directly from ftp://ftp.hp.com/pub/tcdebian/updates/4.4/ service_packs/SecurityUpdate-CVE20146271-CVE20147169-all-4.4-arm.xar Or via softpaq delivery at: ftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe
HP ThinPro and HP Smart Zero Core v4.3x and earlier An update will be made available for customers upon request
HISTORY Version:1 (rev.1) - 03 October 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-1155",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "netscaler sdx",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "10.5"
},
{
"model": "enterprise linux for power big endian eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3_ppc64"
},
{
"model": "traffix signaling delivery controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.5"
},
{
"model": "enterprise linux server from rhui",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "zenworks configuration management",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.1"
},
{
"model": "traffix signaling delivery controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "3.3.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "infosphere guardium database activity monitoring",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "enterprise linux for power big endian eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5_ppc64"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.11.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "stn7800",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.1.2.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.9"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "storwize v5000",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.7"
},
{
"model": "mageia",
"scope": "eq",
"trust": 1.0,
"vendor": "mageia",
"version": "4.0"
},
{
"model": "infosphere guardium database activity monitoring",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "san volume controller",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "stn7800",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "4.1.2.06"
},
{
"model": "esx",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "3.0.0"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.4"
},
{
"model": "security access manager for web 7.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"model": "workload deployer",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "3.1.0"
},
{
"model": "pureapplication system",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.1.0.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "enterprise linux for power big endian eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5_ppc64"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0_ppc"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.9.12"
},
{
"model": "qts",
"scope": "lt",
"trust": 1.0,
"vendor": "qnap",
"version": "4.1.1"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "software defined network for virtual environments",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "1.2.1"
},
{
"model": "storwize v3700",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "starter kit for cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.2.0"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.6"
},
{
"model": "smartcloud entry appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "3.2.0"
},
{
"model": "storwize v7000",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "1.4.3.5"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4_s390x"
},
{
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.8"
},
{
"model": "storwize v7000",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "san volume controller",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.7"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "big-ip protocol security module",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "security access manager for mobile 8.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "storwize v5000",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "enterprise linux for power big endian eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6_ppc64"
},
{
"model": "stn7800",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "3.8.0.07"
},
{
"model": "security access manager for mobile 8.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "netscaler sdx",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "9.3.67.5r1"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "mageia",
"scope": "eq",
"trust": 1.0,
"vendor": "mageia",
"version": "3.0"
},
{
"model": "stn6800",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "3.9.1.08"
},
{
"model": "gluster storage server for on-premise",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "storwize v7000",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.13.0"
},
{
"model": "infosphere guardium database activity monitoring",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "qradar risk manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5_s390x"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "storwize v3500",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0_ppc64"
},
{
"model": "stn6500",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "4.1.2.06"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7_s390x"
},
{
"model": "workload deployer",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"model": "storwize v7000",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.7"
},
{
"model": "traffix signaling delivery controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.1.0"
},
{
"model": "netscaler sdx",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "10.5.52.11r1"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "big-iq security",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "traffix signaling delivery controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "3.5.1"
},
{
"model": "stn6500",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "3.9.1.0"
},
{
"model": "enterprise manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "2.3.0"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "storwize v7000",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "1.5.0.4"
},
{
"model": "big-ip protocol security module",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "esx",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "smartcloud entry appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.8"
},
{
"model": "traffix signaling delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "san volume controller",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "stn6800",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "3.9.1.0"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "storwize v3700",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "storwize v3500",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "traffix signaling delivery controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "3.4.1"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.11.11"
},
{
"model": "pureapplication system",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.0.0.0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.9_ppc"
},
{
"model": "security access manager for web 7.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.6"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0_ppc64"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.3"
},
{
"model": "enterprise manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "2.1.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4_s390x"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.3"
},
{
"model": "storwize v3500",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.14.0"
},
{
"model": "security access manager for web 8.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4_ppc64"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "stn6500",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "3.8.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "security access manager for web 8.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "storwize v3700",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5_s390x"
},
{
"model": "security access manager for web 7.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6_s390x"
},
{
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.3"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0"
},
{
"model": "enterprise linux for power big endian eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4_ppc64"
},
{
"model": "storwize v7000",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"model": "studio onsite",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "1.3"
},
{
"model": "flex system v7000",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "pureapplication system",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.0.0.4"
},
{
"model": "stn6800",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "3.8.0.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "storwize v5000",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "big-ip protocol security module",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "qts",
"scope": "eq",
"trust": 1.0,
"vendor": "qnap",
"version": "4.1.1"
},
{
"model": "storwize v3700",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.7"
},
{
"model": "storwize v3500",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.7"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.14.4f"
},
{
"model": "security access manager for web 7.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.10.9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "zenworks configuration management",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.3.0"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.13.9"
},
{
"model": "enterprise linux for power big endian eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7_ppc64"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "flex system v7000",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "stn6800",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "4.1.2.06"
},
{
"model": "vcenter server appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.6"
},
{
"model": "stn7800",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "3.9.1.0"
},
{
"model": "flex system v7000",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.5"
},
{
"model": "smartcloud entry appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.4.0"
},
{
"model": "arx",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "6.4.0"
},
{
"model": "storwize v5000",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "stn6500",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "3.8.0.07"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.0.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "storwize v3700",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.1.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.2"
},
{
"model": "security access manager for mobile 8.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.6"
},
{
"model": "storwize v3500",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.0"
},
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.9.0"
},
{
"model": "big-ip protocol security module",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "big-ip wan optimization manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "stn7800",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "3.9.1.08"
},
{
"model": "security access manager for web 7.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.4"
},
{
"model": "storwize v3700",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "storwize v3500",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "qradar vulnerability manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.9"
},
{
"model": "stn6800",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "3.8.0.07"
},
{
"model": "flex system v7000",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.7"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.7"
},
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.10.0"
},
{
"model": "stn7800",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "3.8.0.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "zenworks configuration management",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "10.3"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "san volume controller",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "storwize v7000",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "san volume controller",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "pureapplication system",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"model": "open enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.0"
},
{
"model": "bash",
"scope": "lte",
"trust": 1.0,
"vendor": "gnu",
"version": "4.3"
},
{
"model": "security access manager for mobile 8.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "stn6800",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.1.2.0"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-iq security",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.4.0"
},
{
"model": "enterprise linux server from rhui",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "security access manager for web 7.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "eos",
"scope": "lt",
"trust": 1.0,
"vendor": "arista",
"version": "4.12.9"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.9_s390x"
},
{
"model": "open enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "2.0"
},
{
"model": "san volume controller",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3_s390x"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "eos",
"scope": "gte",
"trust": 1.0,
"vendor": "arista",
"version": "4.12.0"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.8.15"
},
{
"model": "smartcloud entry appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "3.1.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "security gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r77.30"
},
{
"model": "storwize v7000",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "big-iq cloud",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "big-iq device",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.2.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux server from rhui",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "stn6500",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "3.9.1.08"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.9"
},
{
"model": "security access manager for web 8.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "storwize v5000",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "security access manager for web 7.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "flex system v7000",
"scope": "lt",
"trust": 1.0,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "big-iq cloud",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.4.0"
},
{
"model": "vcenter server appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "zenworks configuration management",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11.2"
},
{
"model": "qradar security information and event manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "security access manager for web 7.0",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "big-iq device",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.4.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "arx",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "6.0.0"
},
{
"model": "zenworks configuration management",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "11"
},
{
"model": "flex system v7000",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "4"
},
{
"model": "netscaler sdx",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "10"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "storwize v5000",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "vcenter server appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.0.0"
},
{
"model": "netscaler sdx",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "10.1.129.11r1"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "stn6500",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "4.1.2.0"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "10.1.0"
},
{
"model": "bash",
"scope": "eq",
"trust": 0.9,
"vendor": "gnu",
"version": "4.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cygwin",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fireeye",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnu bash",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mageia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mcafee",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "monroe",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "niksun",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "palo alto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qnap security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": "bash",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "4.0"
},
{
"model": "bash",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "3.2"
},
{
"model": "bash",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "4.1"
},
{
"model": "bash",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "4.3"
},
{
"model": "bash",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "3.0.16"
},
{
"model": "bash",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.03"
},
{
"model": "bash",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "3.1"
},
{
"model": "bash",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "3.2.48"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7245"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7242"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7238"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7235"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7232"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7228"
},
{
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "78000"
},
{
"model": "phaser",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "67000"
},
{
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "9393"
},
{
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "9303"
},
{
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "9302"
},
{
"model": "colorqube",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "9301"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "email gateway patch",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.01"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0"
},
{
"model": "email gateway hotfix",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "6.7.22"
},
{
"model": "email gateway hotfix",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "6.7.21"
},
{
"model": "ds8000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "gss 4492r global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5(2)"
},
{
"model": "ip deskphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "96x16.2"
},
{
"model": "ip deskphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "96x16"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#252743"
},
{
"db": "BID",
"id": "70166"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-956"
},
{
"db": "NVD",
"id": "CVE-2014-7169"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "128753"
},
{
"db": "PACKETSTORM",
"id": "129069"
},
{
"db": "PACKETSTORM",
"id": "129067"
},
{
"db": "PACKETSTORM",
"id": "128864"
},
{
"db": "PACKETSTORM",
"id": "128752"
},
{
"db": "PACKETSTORM",
"id": "128666"
},
{
"db": "PACKETSTORM",
"id": "129264"
},
{
"db": "PACKETSTORM",
"id": "129095"
},
{
"db": "PACKETSTORM",
"id": "128545"
},
{
"db": "PACKETSTORM",
"id": "128513"
},
{
"db": "PACKETSTORM",
"id": "128546"
},
{
"db": "PACKETSTORM",
"id": "128755"
}
],
"trust": 1.2
},
"cve": "CVE-2014-7169",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-7169",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2014-7169",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-7169",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-956",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2014-7169",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-7169"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-956"
},
{
"db": "NVD",
"id": "CVE-2014-7169"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271. GNU Bash 4.3 and earlier contains a command injection vulnerability that may allow remote code execution. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \n\nAdditionally two out-of-bounds array accesses in the bash parser are\nfixed which were revealed in Red Hat\u0027s internal analysis for these\nissues and also independently reported by Todd Sabin. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 4.2+dfsg-0.1+deb7u3. \n\nThis vulnerability allows users that have been granted access to a shell\nscript to escalate privilege and execute unrestricted commands at the same\nsecurity level as the Bash script. \n\n HP Product\n Firmware Version\n\n HP StoreEver ESL G3 Tape Libraries with MCB version 2\n 680H_GS40701\n\n HP StoreEver ESL G3 Tape Libraries with MCB version 1\n 656H_GS10801\n\n The firmware is customer installable and is available in the Drivers,\nSoftware \u0026 Firmware section at the following location:\n\n http://www.hp.com/support/eslg3\n\n Notes:\n\n - Updating the library firmware requires a reboot of the library. \n - If the library firmware cannot be updated, HP recommends following the\nMitigation Instructions below. \n\nMitigation Instructions\n\n HP recommends the following mitigation steps to reduce the risk of this\nvulnerability for HP StoreEver ESL G3 Tape Library. \n\n - Disable DHCP and only use static IP addressing. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bash Shift_JIS security update\nAdvisory ID: RHSA-2014:1865-01\nProduct: RHEL S-JIS Service\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1865.html\nIssue date: 2014-11-17\nCVE Names: CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 \n=====================================================================\n\n1. Summary:\n\nUpdated bash Shift_JIS packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.9 Extended Update Support. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nSJIS (v. 5.9.z Server) - i386, ia64, x86_64\n\n3. Description:\n\nThe GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux. \n\nShift_JIS, also known as \"SJIS\", is a character encoding for the Japanese\nlanguage. This package provides bash support for the Shift_JIS encoding. \n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login. \nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes. \n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article. \n\nAll users who require Shift_JIS encoding support with Bash built-in\nfunctions are advised to upgrade to these updated packages, which contain a\nbackported patch to correct this issue. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata \nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at \nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nSJIS (v. 5.9.z Server):\n\nSource:\nbash-3.2-32.el5_9.3.sjis.1.src.rpm\n\ni386:\nbash-3.2-32.el5_9.3.sjis.1.i386.rpm\nbash-debuginfo-3.2-32.el5_9.3.sjis.1.i386.rpm\n\nia64:\nbash-3.2-32.el5_9.3.sjis.1.i386.rpm\nbash-3.2-32.el5_9.3.sjis.1.ia64.rpm\nbash-debuginfo-3.2-32.el5_9.3.sjis.1.i386.rpm\nbash-debuginfo-3.2-32.el5_9.3.sjis.1.ia64.rpm\n\nx86_64:\nbash-3.2-32.el5_9.3.sjis.1.x86_64.rpm\nbash-debuginfo-3.2-32.el5_9.3.sjis.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-7169\nhttps://access.redhat.com/security/cve/CVE-2014-7186\nhttps://access.redhat.com/security/cve/CVE-2014-7187\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/1200223\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUajscXlSAg2UNWIIRAlnnAJ46tmMAMI0D6YRHybY5HJ7Mv77fIwCguKAJ\nZiE90Rp/vQArh9+LpxnTqGI=\n=iltu\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nPlease refer to the RESOLUTION\n section below for a list of impacted products. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7186 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2014-7187 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nHP has made the following updates available to resolve the vulnerability in\nHP StoreOnce Gen 2 Backup systems. The shell is not accessible via the standard\ncalibration or remote management interfaces. \n\nNOTE: Only the Z27x model is vulnerable. The unit provides Calibration Software\nrunning on embedded Linux, which includes a Bash Shell. The software is used\nfor service purposes only. \n\nThis bulletin will be revised when the firmware update is released. \n\nRelease Date: 2014-10-03\nLast Updated: 2014-10-03\n\nPotential Security Impact: Injection of code\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with certain HP Thin\nClients running bash. \n\nReferences:\n\nCVE-2014-6271\nCVE-2014-7169\nSSRT101728\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nNote: all versions of HP Thin Pro and HP Smart Zero Core operating systems\nprior to version 5.1.0 are affected by this vulnerability. Following is a\ncomplete list of affected operating systems. \n\nHP ThinPro\n\nHP ThinPro 5.0 (released June 2014)\nHP ThinPro 4.4 (released November 2013)\nHP ThinPro 4.3 (released June 2013)\nHP ThinPro 4.2 (released November 2012)\nHP ThinPro 4.1 (released March 2012)\nHP ThinPro 3.2 (released November 2010)\nHP ThinPro 3.1 (released June 2010)\nHP ThinPro 3.0 (released November 2009)\nHP ThinPro 2.0 (released 2009)\nHP ThinPro 1.5 (released 2009)\nHP ThinPro 1.0 (released 2008)\n\nHP Smart Zero Core\n\nHP Smart Zero Core 5.0 (released June 2014)\nHP Smart Zero Core 4.4 (released November 2013)\nHP Smart Zero Core 4.3 (released June 2013)\nHP Smart Zero Core 4.2 (released November 2012)\nHP Smart Zero Core 4.1 (released March 2012)\nHP Smart Zero Core 4.0 (released March 2011)\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10\nCVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has released the following software updates to resolve the vulnerability. \n\nProduct Affected\n Product Versions\n Patch Status\n\nHP ThinPro and HP Smart Zero Core (X86)\n v5.1.0 and above\n No update required; the Bash shell patch is incorporated into the base\nimage. \nIf you participated in the ThinPro 5.1.0 beta program upgrade to the release\nversion as soon as it becomes available. \n\nHP ThinPro and HP Smart Zero Core (x86)\n v5.0.x\n A component update is currently available through Easy Update as:\nSecurityUpdate-CVE20146271-CVE20147169-all-5.0-x86.xar . \nThe update can be also downloaded directly from ftp://ftp.hp.com/pub/tcdebian\n/updates/5.0/service_packs/SecurityUpdate-CVE20146271-CVE20147169-all-5.0-x86\n.xar\nOr via softpaq delivery at:\nftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe\n\nHP ThinPro and HP Smart Zero Core (x86)\n v4.4.x\n A component update is currently available through Easy Update as:\nSecurityUpdate-CVE20146271-CVE20147169-all-4.4-x86.xar . \nOr can be downloaded directly from ftp://ftp.hp.com/pub/tcdebian/updates/4.4/\nservice_packs/SecurityUpdate-CVE20146271-CVE20147169-all-4.4-x86.xar\nOr via softpaq delivery at:\nftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe\n\nHP ThinPro and HP Smart Zero Core (ARM)\n v4.4.x\n A component update is currently available through Easy Update as:\nSecurityUpdate-CVE20146271-CVE20147169-all-4.4-arm.xar . \nOr can be downloaded directly from ftp://ftp.hp.com/pub/tcdebian/updates/4.4/\nservice_packs/SecurityUpdate-CVE20146271-CVE20147169-all-4.4-arm.xar\nOr via softpaq delivery at:\nftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe\n\nHP ThinPro and HP Smart Zero Core\n v4.3x and earlier\n An update will be made available for customers upon request\n\nHISTORY\nVersion:1 (rev.1) - 03 October 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-7169"
},
{
"db": "CERT/CC",
"id": "VU#252743"
},
{
"db": "BID",
"id": "70166"
},
{
"db": "PACKETSTORM",
"id": "128431"
},
{
"db": "PACKETSTORM",
"id": "128753"
},
{
"db": "PACKETSTORM",
"id": "129069"
},
{
"db": "PACKETSTORM",
"id": "129067"
},
{
"db": "PACKETSTORM",
"id": "128864"
},
{
"db": "PACKETSTORM",
"id": "128752"
},
{
"db": "VULMON",
"id": "CVE-2014-7169"
},
{
"db": "PACKETSTORM",
"id": "129132"
},
{
"db": "PACKETSTORM",
"id": "129264"
},
{
"db": "PACKETSTORM",
"id": "129095"
},
{
"db": "PACKETSTORM",
"id": "128545"
},
{
"db": "PACKETSTORM",
"id": "128513"
},
{
"db": "PACKETSTORM",
"id": "128546"
},
{
"db": "PACKETSTORM",
"id": "128755"
},
{
"db": "PACKETSTORM",
"id": "128666"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=36933",
"trust": 1.5,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-7169"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-7169",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#252743",
"trust": 2.8
},
{
"db": "MCAFEE",
"id": "SB10085",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10648",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "61618",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61641",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61622",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61603",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60055",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61287",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61654",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61188",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61313",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61700",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61552",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61780",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58200",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61550",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61565",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61619",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61479",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61312",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60193",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61129",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61703",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60433",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61128",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61873",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62228",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60063",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61816",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61711",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61633",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59737",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60034",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61643",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60947",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61485",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61676",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61503",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60044",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62343",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61626",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60325",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61291",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59272",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61328",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61283",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61855",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61442",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60024",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61715",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61471",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61857",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61065",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59907",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62312",
"trust": 1.7
},
{
"db": "USCERT",
"id": "TA14-268A",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2014/09/24/32",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "128567",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "128517",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVN55667175",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2014-000126",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "34879",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201409-956",
"trust": 0.6
},
{
"db": "JUNIPER",
"id": "JSA10661",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-269-01",
"trust": 0.3
},
{
"db": "BID",
"id": "70166",
"trust": 0.3
},
{
"db": "EXPLOITDB",
"id": "34879",
"trust": 0.1
},
{
"db": "EXPLOITDB",
"id": "36933",
"trust": 0.1
},
{
"db": "ICS CERT",
"id": "ICSA-14-269-01A",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-7169",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128431",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128753",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129067",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128864",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128752",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128666",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129132",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129264",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129095",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128545",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128546",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128755",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#252743"
},
{
"db": "VULMON",
"id": "CVE-2014-7169"
},
{
"db": "BID",
"id": "70166"
},
{
"db": "PACKETSTORM",
"id": "128431"
},
{
"db": "PACKETSTORM",
"id": "128753"
},
{
"db": "PACKETSTORM",
"id": "129069"
},
{
"db": "PACKETSTORM",
"id": "129067"
},
{
"db": "PACKETSTORM",
"id": "128864"
},
{
"db": "PACKETSTORM",
"id": "128752"
},
{
"db": "PACKETSTORM",
"id": "128666"
},
{
"db": "PACKETSTORM",
"id": "129132"
},
{
"db": "PACKETSTORM",
"id": "129264"
},
{
"db": "PACKETSTORM",
"id": "129095"
},
{
"db": "PACKETSTORM",
"id": "128545"
},
{
"db": "PACKETSTORM",
"id": "128513"
},
{
"db": "PACKETSTORM",
"id": "128546"
},
{
"db": "PACKETSTORM",
"id": "128755"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-956"
},
{
"db": "NVD",
"id": "CVE-2014-7169"
}
]
},
"id": "VAR-201409-1155",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3212341
},
"last_update_date": "2024-11-29T21:48:34.624000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "bash4.1.2-15.el6_5.2.x86_64",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54163"
},
{
"title": "bash-4.2-cve-2014-7169-2",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54162"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/09/27/oracle_no_shellshock_patches_yet/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/09/26/ico_shellshock_warning/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/09/25/shellshock_bash_worm_type_fears/"
},
{
"title": "Ubuntu Security Notice: bash vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2363-2"
},
{
"title": "Ubuntu Security Notice: bash vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2363-1"
},
{
"title": "Debian CVElist Bug Report Logs: bash: CVE-2014-7169: Incomplete fix for CVE-2014-6271",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=7a56c10ff83e62f236b0dc330aab6c31"
},
{
"title": "Debian Security Advisories: DSA-3035-1 bash -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=f4f02191845c862da8b42c8e3db24b63"
},
{
"title": "Red Hat: CVE-2014-7169",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-7169"
},
{
"title": "Amazon Linux AMI: ALAS-2014-419",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-419"
},
{
"title": "VMware Security Advisories: VMware product updates address critical Bash security vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=86cb6b3955e100fdc9667a7ca916c772"
},
{
"title": "HP: HPSBHF03119 rev.3 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03119"
},
{
"title": "Symantec Security Advisories: SA82 : GNU Bash Shellshock Command Injection Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=2b57ceaadfde2a8b03482273e1fd21ea"
},
{
"title": "Citrix Security Bulletins: Citrix XenServer Shellshock Security Update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=64ae0aae8269062686789e3a3fa1d2bf"
},
{
"title": "Tenable Security Advisories: [R7] Tenable Appliance Affected by GNU bash \u0027Shellshock\u0027 Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2014-07"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for GNU Bash Shellshock Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=73443a6db89dc66fc6bcb49f85bfd1ab"
},
{
"title": "Splunk Security Announcements: Splunk response to \"shellshock\" vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=995d0135ab7f45978bdbc53bcd6ffc14"
},
{
"title": "cookbook_shellshock",
"trust": 0.1,
"url": "https://github.com/ChefRycar/cookbook_shellshock "
},
{
"title": "patchme",
"trust": 0.1,
"url": "https://github.com/jackbezalel/patchme "
},
{
"title": "hackernews-headlines",
"trust": 0.1,
"url": "https://github.com/bodazhao/hackernews-headlines "
},
{
"title": "hacker-news-headlines",
"trust": 0.1,
"url": "https://github.com/bodazhao/hacker-news-headlines "
},
{
"title": "totalshares",
"trust": 0.1,
"url": "https://github.com/Prashant-kumar/totalshares "
},
{
"title": "mysecurity-cookbook",
"trust": 0.1,
"url": "https://github.com/alexpop/mysecurity-cookbook "
},
{
"title": "Shell-Shock-Update",
"trust": 0.1,
"url": "https://github.com/UMDTERPS/Shell-Shock-Update "
},
{
"title": "bash-cve-2014-7169-cookbook",
"trust": 0.1,
"url": "https://github.com/gina-alaska/bash-cve-2014-7169-cookbook "
},
{
"title": "bash-vulnerability",
"trust": 0.1,
"url": "https://github.com/bacarrdy/bash-vulnerability "
},
{
"title": "poc-development",
"trust": 0.1,
"url": "https://github.com/h0n3yb/poc-development "
},
{
"title": "puppet-shellshock",
"trust": 0.1,
"url": "https://github.com/renanvicente/puppet-shellshock "
},
{
"title": "shellshock_salt_grain",
"trust": 0.1,
"url": "https://github.com/jcollie/shellshock_salt_grain "
},
{
"title": "bash-4.2-patched",
"trust": 0.1,
"url": "https://github.com/ricedu/bash-4.2-patched "
},
{
"title": "scripts",
"trust": 0.1,
"url": "https://github.com/omretterry/scripts "
},
{
"title": "macosx-bash-92-shellshock-patched",
"trust": 0.1,
"url": "https://github.com/ido/macosx-bash-92-shellshock-patched "
},
{
"title": "bash-shellshock",
"trust": 0.1,
"url": "https://github.com/dlitz/bash-shellshock "
},
{
"title": "Shellshock-Bash-Remote-Code-Execution-Vulnerability-and-Exploitation",
"trust": 0.1,
"url": "https://github.com/pbr94/Shellshock-Bash-Remote-Code-Execution-Vulnerability-and-Exploitation "
},
{
"title": "smtp-shellshock",
"trust": 0.1,
"url": "https://github.com/BlisterGravy/smtp-shellshock "
},
{
"title": "patch-bash-shellshock",
"trust": 0.1,
"url": "https://github.com/jdauphant/patch-bash-shellshock "
},
{
"title": "exploit-CVE-2014-6271",
"trust": 0.1,
"url": "https://github.com/opsxcq/exploit-CVE-2014-6271 "
},
{
"title": "Pentest-In-Docker",
"trust": 0.1,
"url": "https://github.com/Swordfish-Security/Pentest-In-Docker "
},
{
"title": "dokku-alt",
"trust": 0.1,
"url": "https://github.com/dokku-alt/dokku-alt "
},
{
"title": "linux-pentest",
"trust": 0.1,
"url": "https://github.com/ankh2054/linux-pentest "
},
{
"title": "Exploit-Shellshock",
"trust": 0.1,
"url": "https://github.com/mrigank-9594/Exploit-Shellshock "
},
{
"title": "w-test",
"trust": 0.1,
"url": "https://github.com/inspirion87/w-test "
},
{
"title": "Xpl-SHELLSHOCK-Ch3ck",
"trust": 0.1,
"url": "https://github.com/googleinurl/Xpl-SHELLSHOCK-Ch3ck "
},
{
"title": "bashcheck",
"trust": 0.1,
"url": "https://github.com/hannob/bashcheck "
},
{
"title": "shocktrooper",
"trust": 0.1,
"url": "https://github.com/EvanK/shocktrooper "
},
{
"title": "ShellShockHunter",
"trust": 0.1,
"url": "https://github.com/MrCl0wnLab/ShellShockHunter "
},
{
"title": "shellshockFixOSX",
"trust": 0.1,
"url": "https://github.com/opragel/shellshockFixOSX "
},
{
"title": "shellshocker-pocs",
"trust": 0.1,
"url": "https://github.com/mubix/shellshocker-pocs "
},
{
"title": "Boot2root-CTFs-Writeups",
"trust": 0.1,
"url": "https://github.com/Jean-Francois-C/Boot2root-CTFs "
},
{
"title": "Boot2root-CTFs-Writeups",
"trust": 0.1,
"url": "https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/researcher-takes-wraps-off-two-undisclosed-shellshock-vulnerabilities-in-bash/108674/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/vmware-begins-to-patch-bash-issues-across-product-line/108632/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/bash-exploit-reported-first-round-of-patches-incomplete/108550/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-7169"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-956"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-7169"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140926-bash"
},
{
"trust": 2.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10085"
},
{
"trust": 2.6,
"url": "https://access.redhat.com/articles/1200223"
},
{
"trust": 2.5,
"url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"trust": 2.5,
"url": "http://support.apple.com/kb/ht6495"
},
{
"trust": 2.5,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa82"
},
{
"trust": 2.5,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
},
{
"trust": 2.0,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10648"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021272"
},
{
"trust": 2.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0010.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004898"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004897"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004915"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021279"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096315"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
},
{
"trust": 1.8,
"url": "http://www.kb.cert.org/vuls/id/252743"
},
{
"trust": 1.7,
"url": "http://twitter.com/taviso/statuses/514887394294652929"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2363-1"
},
{
"trust": 1.7,
"url": "http://www.us-cert.gov/ncas/alerts/ta14-268a"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2014/dsa-3035"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2363-2"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1306.html"
},
{
"trust": 1.7,
"url": "https://www.suse.com/support/shellshock/"
},
{
"trust": 1.7,
"url": "http://support.novell.com/security/cve/cve-2014-7169.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61626"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59737"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61641"
},
{
"trust": 1.7,
"url": "http://linux.oracle.com/errata/elsa-2014-3075.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61700"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61618"
},
{
"trust": 1.7,
"url": "http://linux.oracle.com/errata/elsa-2014-1306.html"
},
{
"trust": 1.7,
"url": "http://linux.oracle.com/errata/elsa-2014-3077.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61676"
},
{
"trust": 1.7,
"url": "http://www.novell.com/support/kb/doc.php?id=7015701"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61622"
},
{
"trust": 1.7,
"url": "http://linux.oracle.com/errata/elsa-2014-3078.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61479"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61619"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1311.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1312.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61485"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59907"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61654"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/128567/ca-technologies-gnu-bash-shellshock.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61565"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61643"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61633"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61552"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61283"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61603"
},
{
"trust": 1.7,
"url": "http://www.novell.com/support/kb/doc.php?id=7015721"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61503"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61711"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61715"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61703"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2014/oct/0"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/128517/vmware-security-advisory-2014-0010.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60947"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
},
{
"trust": 1.7,
"url": "https://support.apple.com/kb/ht6535"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61188"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60034"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61816"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61442"
},
{
"trust": 1.7,
"url": "https://support.citrix.com/article/ctx200223"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60055"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61780"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60193"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61855"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60325"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61312"
},
{
"trust": 1.7,
"url": "https://support.citrix.com/article/ctx200217"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004879"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61128"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61313"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61287"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61129"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61471"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61328"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58200"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61857"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61065"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61550"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60044"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021361"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60024"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60063"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61291"
},
{
"trust": 1.7,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityalerts"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60433"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
},
{
"trust": 1.7,
"url": "http://jvn.jp/en/jp/jvn55667175/index.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
},
{
"trust": 1.7,
"url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
},
{
"trust": 1.7,
"url": "http://jvndb.jvn.jp/jvndb/jvndb-2014-000126"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1354.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61873"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62343"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62312"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"trust": 1.7,
"url": "http://advisories.mageia.org/mgasa-2014-0393.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:164"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62228"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/node/1200223"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59272"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/34879/"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c04518183"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c04497075"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
},
{
"trust": 1.6,
"url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7169"
},
{
"trust": 1.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 1.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 1.2,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6271"
},
{
"trust": 1.1,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-030/"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7186"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7187"
},
{
"trust": 0.8,
"url": "http://seclists.org/oss-sec/2014/q3/650"
},
{
"trust": 0.8,
"url": "http://seclists.org/oss-sec/2014/q3/688"
},
{
"trust": 0.8,
"url": "http://seclists.org/oss-sec/2014/q3/685"
},
{
"trust": 0.8,
"url": "http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html"
},
{
"trust": 0.8,
"url": "https://gist.github.com/anonymous/929d622f3b36b00c0be1"
},
{
"trust": 0.8,
"url": "https://www.dfranke.us/posts/2014-09-27-shell-shock-exploitation-vectors.html"
},
{
"trust": 0.8,
"url": "https://shellshocker.net/#"
},
{
"trust": 0.8,
"url": "https://www.barracuda.com/support/techalerts"
},
{
"trust": 0.8,
"url": "http://www.checkpoint.com/blog/protecting-shellshock/index.html"
},
{
"trust": 0.8,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10044"
},
{
"trust": 0.8,
"url": "https://www.debian.org/security/2014/dsa-3032"
},
{
"trust": 0.8,
"url": "http://learn.extremenetworks.com/rs/extreme/images/vn-2014-001-%20gnu%20bash%20threats%20-cve-2014-7169%20rev01.pdf"
},
{
"trust": 0.8,
"url": "http://fedoramagazine.org/shellshock-update-bash-packages-that-resolve-cve-2014-6271-and-cve-2014-7169-available/"
},
{
"trust": 0.8,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201409-09.xml"
},
{
"trust": 0.8,
"url": "http://alerts.hp.com/r?2.1.3kt.2zr.15ee22.l8mgqe..n.ghvs.8f9a.bw89mq%5f%5fdbosfqk0"
},
{
"trust": 0.8,
"url": "http://kb.juniper.net/jsa10648"
},
{
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/av14-003.html"
},
{
"trust": 0.8,
"url": "http://support.novell.com/security/cve/cve-2014-6271.html"
},
{
"trust": 0.8,
"url": "https://www.suse.com/support/kb/doc.php?id=7015702"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.522193"
},
{
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/usn-2362-1/"
},
{
"trust": 0.8,
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_us\u0026cmd=displaykc\u0026externalid=2090740"
},
{
"trust": 0.8,
"url": "http://pkgsrc.se/files.php?messageid=20140925202832.9ad9c98@cvs.netbsd.org"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6277"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6278"
},
{
"trust": 0.5,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsea"
},
{
"trust": 0.3,
"url": "http://lcamtuf.blogspot.de/2014/09/bash-bug-apply-unofficial-patch-now.html"
},
{
"trust": 0.3,
"url": "http://www.gnu.org/software/bash/"
},
{
"trust": 0.3,
"url": "https://lists.gnu.org/archive/html/bug-bash/2014-10/msg00040.html"
},
{
"trust": 0.3,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk102673"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=kb83017"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_bash"
},
{
"trust": 0.3,
"url": "http://lcamtuf.blogspot.in/2014/09/quick-notes-about-bash-bug-its-impact.html"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_vulnerabilities_in_bash_affect_certain_qlogic_products_that_ibm_resells_for_bladecenter_and_flex_system_products_cve_2014_6271_c"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/archive/hw-372538.htm"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html?ref=rss"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004932"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686433"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1021361"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686494"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686445"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004903"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004928"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004911"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686479"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04497075"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2014/oct/25"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10661\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100183172"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/supplement-icsa-14-269-01"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/bluu-9paps5"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479398"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479402"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479601"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479505"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479492"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04475942"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04471532"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04488200"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04478866"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479536"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04540692"
},
{
"trust": 0.3,
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04561445"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04471546"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04471538"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04497042"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04512907 "
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/feb/76"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04558068"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/feb/77"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04487558"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04487573"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04496383"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/bluu-9paptm"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/bluu-9paptz"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/1a2e5-5116a33c2fb27/cert_security_mini-_bulletin_xrx15k_for_77xx_r15-03_v1.0.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2b8d8-513128526dd97/cert_security_mini-_bulletin_xrx15m_for_wc75xx_v1_1.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2eeef-51056e459c6d8/cert_security_mini-_bulletin_xrx15h_for_p7800_v1_0.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2a20e-5105457a515cc/cert_security_mini-_bulletin_xrx15e_for_wc57xx_v1_0.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2a901-510567b876a35/cert_security_mini-_bulletin_xrx15g_for_p6700_v1_0.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/29a7e-50e49f9c009f9/cert_security_mini_bulletin_xrx14g_for_77xx_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/1a7a1-50f12e334b734/cert_security_mini-_bulletin_xrx14h_for_wc59xx_v1.pdf"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/2df3c-51055b159fd50/cert_security_mini_bulletin_xrx15f_for_connectkey_1.5_v1-01.pdf"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-377648.htm"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004982"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004879"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685873"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21686132"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096533"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21686024"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686037"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21685733"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686171"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21686098"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685875"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020272"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21685541"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004905"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685673"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21685837"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687971"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685691"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004933"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096503"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004945"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100183088"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2014-7169"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2104-6277"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2104-6278"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://github.com/chefrycar/cookbook_shellshock"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-269-01a"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/36933/"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.hp.com/support/eslg3"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-7187"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-1865.html"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-7186"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#252743"
},
{
"db": "VULMON",
"id": "CVE-2014-7169"
},
{
"db": "BID",
"id": "70166"
},
{
"db": "PACKETSTORM",
"id": "128431"
},
{
"db": "PACKETSTORM",
"id": "128753"
},
{
"db": "PACKETSTORM",
"id": "129069"
},
{
"db": "PACKETSTORM",
"id": "129067"
},
{
"db": "PACKETSTORM",
"id": "128864"
},
{
"db": "PACKETSTORM",
"id": "128752"
},
{
"db": "PACKETSTORM",
"id": "128666"
},
{
"db": "PACKETSTORM",
"id": "129132"
},
{
"db": "PACKETSTORM",
"id": "129264"
},
{
"db": "PACKETSTORM",
"id": "129095"
},
{
"db": "PACKETSTORM",
"id": "128545"
},
{
"db": "PACKETSTORM",
"id": "128513"
},
{
"db": "PACKETSTORM",
"id": "128546"
},
{
"db": "PACKETSTORM",
"id": "128755"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-956"
},
{
"db": "NVD",
"id": "CVE-2014-7169"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#252743"
},
{
"db": "VULMON",
"id": "CVE-2014-7169"
},
{
"db": "BID",
"id": "70166"
},
{
"db": "PACKETSTORM",
"id": "128431"
},
{
"db": "PACKETSTORM",
"id": "128753"
},
{
"db": "PACKETSTORM",
"id": "129069"
},
{
"db": "PACKETSTORM",
"id": "129067"
},
{
"db": "PACKETSTORM",
"id": "128864"
},
{
"db": "PACKETSTORM",
"id": "128752"
},
{
"db": "PACKETSTORM",
"id": "128666"
},
{
"db": "PACKETSTORM",
"id": "129132"
},
{
"db": "PACKETSTORM",
"id": "129264"
},
{
"db": "PACKETSTORM",
"id": "129095"
},
{
"db": "PACKETSTORM",
"id": "128545"
},
{
"db": "PACKETSTORM",
"id": "128513"
},
{
"db": "PACKETSTORM",
"id": "128546"
},
{
"db": "PACKETSTORM",
"id": "128755"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-956"
},
{
"db": "NVD",
"id": "CVE-2014-7169"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-25T00:00:00",
"db": "CERT/CC",
"id": "VU#252743"
},
{
"date": "2014-09-25T00:00:00",
"db": "VULMON",
"id": "CVE-2014-7169"
},
{
"date": "2014-09-27T00:00:00",
"db": "BID",
"id": "70166"
},
{
"date": "2014-09-26T14:38:27",
"db": "PACKETSTORM",
"id": "128431"
},
{
"date": "2014-10-20T13:55:00",
"db": "PACKETSTORM",
"id": "128753"
},
{
"date": "2014-11-12T18:13:47",
"db": "PACKETSTORM",
"id": "129069"
},
{
"date": "2014-11-12T18:13:32",
"db": "PACKETSTORM",
"id": "129067"
},
{
"date": "2014-10-27T23:44:00",
"db": "PACKETSTORM",
"id": "128864"
},
{
"date": "2014-10-20T13:14:00",
"db": "PACKETSTORM",
"id": "128752"
},
{
"date": "2014-10-14T23:07:16",
"db": "PACKETSTORM",
"id": "128666"
},
{
"date": "2014-11-17T23:31:07",
"db": "PACKETSTORM",
"id": "129132"
},
{
"date": "2014-11-26T15:07:58",
"db": "PACKETSTORM",
"id": "129264"
},
{
"date": "2014-11-13T17:15:31",
"db": "PACKETSTORM",
"id": "129095"
},
{
"date": "2014-10-03T23:31:42",
"db": "PACKETSTORM",
"id": "128545"
},
{
"date": "2014-10-01T14:44:00",
"db": "PACKETSTORM",
"id": "128513"
},
{
"date": "2014-10-03T23:32:04",
"db": "PACKETSTORM",
"id": "128546"
},
{
"date": "2014-10-20T14:02:00",
"db": "PACKETSTORM",
"id": "128755"
},
{
"date": "2014-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-956"
},
{
"date": "2014-09-25T01:55:04.367000",
"db": "NVD",
"id": "CVE-2014-7169"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-14T00:00:00",
"db": "CERT/CC",
"id": "VU#252743"
},
{
"date": "2021-11-17T00:00:00",
"db": "VULMON",
"id": "CVE-2014-7169"
},
{
"date": "2016-07-05T21:53:00",
"db": "BID",
"id": "70166"
},
{
"date": "2021-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-956"
},
{
"date": "2024-11-21T02:16:26.753000",
"db": "NVD",
"id": "CVE-2014-7169"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "129132"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-956"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GNU Bash shell executes commands in exported functions in environment variables",
"sources": [
{
"db": "CERT/CC",
"id": "VU#252743"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-956"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.