CVE-2014-7169

Summary

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

Impact & exploitability

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products we track (3)

Recommendation

This vulnerability is being actively exploited in the wild — patch affected products urgently. Open any affected product above for its exact safe version.

Additional information

• NVD record
• http://advisories.mageia.org/MGASA-2014-0393.htmlAdvisory
• http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
• http://jvn.jp/en/jp/JVN55667175/index.htmlAdvisory
• http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126Advisory
• http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.htmlAdvisory
• http://linux.oracle.com/errata/ELSA-2014-1306.htmlAdvisory
• http://linux.oracle.com/errata/ELSA-2014-3075.htmlAdvisory
• http://linux.oracle.com/errata/ELSA-2014-3077.htmlAdvisory