CVE-2014-6271

9.8 CRITICAL CISA KEV - Actively Exploited
Published: September 24, 2014 Modified: October 22, 2025
View on NVD

Description

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://advisories.mageia.org/MGASA-2014-0388.html
Source: security@debian.org
Third Party Advisory
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
Source: security@debian.org
Broken Link Third Party Advisory
http://jvn.jp/en/jp/JVN55667175/index.html
Source: security@debian.org
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126
Source: security@debian.org
Third Party Advisory VDB Entry Vendor Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
Source: security@debian.org
Third Party Advisory
http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html
Source: security@debian.org
Exploit Issue Tracking Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-1293.html
Source: security@debian.org
Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-1294.html
Source: security@debian.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html
Source: security@debian.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html
Source: security@debian.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html
Source: security@debian.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html
Source: security@debian.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html
Source: security@debian.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html
Source: security@debian.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html
Source: security@debian.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html
Source: security@debian.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html
Source: security@debian.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141216207813411&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141216668515282&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141235957116749&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141319209015420&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141330425327438&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141330468527613&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141345648114150&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383026420882&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383081521087&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383138121313&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383196021590&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383244821813&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383304022067&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383353622268&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383465822787&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141450491804793&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141576728022234&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141577137423233&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141577241923505&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141577297623641&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141585637922673&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141694386919794&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141879528318582&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142113462216480&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142118135300698&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142358026505815&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142358078406056&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142546741516006&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142719845423222&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142721162228379&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142805027510172&w=2
Source: security@debian.org
Mailing List Third Party Advisory
http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html
Source: security@debian.org
Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2014-1293.html
Source: security@debian.org
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1294.html
Source: security@debian.org
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1295.html
Source: security@debian.org
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1354.html
Source: security@debian.org
Third Party Advisory
http://seclists.org/fulldisclosure/2014/Oct/0
Source: security@debian.org
Mailing List Third Party Advisory
http://secunia.com/advisories/58200
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/59272
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/59737
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/59907
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/60024
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/60034
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/60044
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/60055
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/60063
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/60193
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/60325
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/60433
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/60947
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61065
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61128
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61129
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61188
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61283
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61287
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61291
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61312
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61313
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61328
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61442
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61471
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61485
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61503
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61542
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61547
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61550
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61552
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61565
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61603
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61633
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61641
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61643
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61654
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61676
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61700
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61703
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61711
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61715
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61780
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61816
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61855
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61857
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/61873
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/62228
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/62312
Source: security@debian.org
Broken Link Third Party Advisory
http://secunia.com/advisories/62343
Source: security@debian.org
Broken Link Third Party Advisory
http://support.apple.com/kb/HT6495
Source: security@debian.org
Third Party Advisory
http://support.novell.com/security/cve/CVE-2014-6271.html
Source: security@debian.org
Third Party Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21685541
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21685604
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21685733
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21685749
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21685914
Source: security@debian.org
Broken Link Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686084
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686131
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686246
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686445
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686447
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686479
Source: security@debian.org
Broken Link Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686494
Source: security@debian.org
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21687079
Source: security@debian.org
Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315
Source: security@debian.org
Broken Link Third Party Advisory
http://www.debian.org/security/2014/dsa-3032
Source: security@debian.org
Mailing List Third Party Advisory
http://www.kb.cert.org/vuls/id/252743
Source: security@debian.org
Third Party Advisory US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164
Source: security@debian.org
Broken Link Third Party Advisory
http://www.novell.com/support/kb/doc.php?id=7015701
Source: security@debian.org
Third Party Advisory
http://www.novell.com/support/kb/doc.php?id=7015721
Source: security@debian.org
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html
Source: security@debian.org
Third Party Advisory
http://www.qnap.com/i/en/support/con_show.php?cid=61
Source: security@debian.org
Third Party Advisory
http://www.securityfocus.com/archive/1/533593/100/0/threaded
Source: security@debian.org
Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/70103
Source: security@debian.org
Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2362-1
Source: security@debian.org
Third Party Advisory
http://www.us-cert.gov/ncas/alerts/TA14-268A
Source: security@debian.org
Third Party Advisory US Government Resource
http://www.vmware.com/security/advisories/VMSA-2014-0010.html
Source: security@debian.org
Third Party Advisory
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
Source: security@debian.org
Broken Link Third Party Advisory
https://access.redhat.com/articles/1200223
Source: security@debian.org
Exploit Third Party Advisory
https://access.redhat.com/node/1200223
Source: security@debian.org
Exploit Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1141597
Source: security@debian.org
Issue Tracking Patch
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
Source: security@debian.org
Broken Link Third Party Advisory
https://kb.bluecoat.com/index?page=content&id=SA82
Source: security@debian.org
Broken Link Third Party Advisory
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648
Source: security@debian.org
Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10085
Source: security@debian.org
Broken Link Third Party Advisory
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
Source: security@debian.org
Exploit Third Party Advisory
https://support.apple.com/kb/HT6535
Source: security@debian.org
Third Party Advisory
https://support.citrix.com/article/CTX200217
Source: security@debian.org
Third Party Advisory
https://support.citrix.com/article/CTX200223
Source: security@debian.org
Permissions Required
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html
Source: security@debian.org
Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075
Source: security@debian.org
Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183
Source: security@debian.org
Broken Link Third Party Advisory
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts
Source: security@debian.org
Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006
Source: security@debian.org
Third Party Advisory
https://www.exploit-db.com/exploits/34879/
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/37816/
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/38849/
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/39918/
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/40619/
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/40938/
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/42938/
Source: security@debian.org
Exploit Third Party Advisory VDB Entry
https://www.suse.com/support/shellshock/
Source: security@debian.org
Third Party Advisory
http://advisories.mageia.org/MGASA-2014-0388.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://jvn.jp/en/jp/JVN55667175/index.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry Vendor Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Issue Tracking Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-1293.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-1294.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141216207813411&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141216668515282&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141235957116749&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141319209015420&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141330425327438&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141330468527613&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141345648114150&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383026420882&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383081521087&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383138121313&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383196021590&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383244821813&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383304022067&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383353622268&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141383465822787&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141450491804793&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141576728022234&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141577137423233&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141577241923505&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141577297623641&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141585637922673&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141694386919794&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141879528318582&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142113462216480&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142118135300698&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142358026505815&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142358078406056&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142546741516006&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142719845423222&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142721162228379&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=142805027510172&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2014-1293.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1294.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1295.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-1354.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://seclists.org/fulldisclosure/2014/Oct/0
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://secunia.com/advisories/58200
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/59272
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/59737
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/59907
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/60024
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/60034
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/60044
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/60055
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/60063
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/60193
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/60325
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/60433
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/60947
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61065
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61128
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61129
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61188
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61283
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61287
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61291
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61312
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61313
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61328
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61442
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61471
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61485
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61503
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61542
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61547
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61550
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61552
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61565
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61603
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61633
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61641
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61643
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61654
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61676
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61700
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61703
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61711
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61715
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61780
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61816
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61855
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61857
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/61873
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/62228
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/62312
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://secunia.com/advisories/62343
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://support.apple.com/kb/HT6495
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.novell.com/security/cve/CVE-2014-6271.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21685541
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21685604
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21685733
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21685749
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21685914
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686084
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686131
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686246
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686445
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686447
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686479
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686494
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21687079
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://www.debian.org/security/2014/dsa-3032
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://www.kb.cert.org/vuls/id/252743
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
http://www.novell.com/support/kb/doc.php?id=7015701
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.novell.com/support/kb/doc.php?id=7015721
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.qnap.com/i/en/support/con_show.php?cid=61
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/archive/1/533593/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/70103
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2362-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.us-cert.gov/ncas/alerts/TA14-268A
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
http://www.vmware.com/security/advisories/VMSA-2014-0010.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
https://access.redhat.com/articles/1200223
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory
https://access.redhat.com/node/1200223
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1141597
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Patch
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
https://kb.bluecoat.com/index?page=content&id=SA82
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10085
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory
https://support.apple.com/kb/HT6535
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://support.citrix.com/article/CTX200217
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://support.citrix.com/article/CTX200223
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions Required
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.exploit-db.com/exploits/34879/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/37816/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/38849/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/39918/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/40619/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/40938/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/42938/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.suse.com/support/shellshock/
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6271
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

341 reference(s) from NVD

Quick Stats

CVSS v3 Score
9.8 / 10.0
EPSS (Exploit Probability)
94.1%
100th percentile
Exploitation Status
Actively Exploited
Remediation due: 2022-07-28

Weaknesses (CWE)

CWE-78 CWE-78

Affected Vendors

oracle gnu canonical opensuse f5 arista apple qnap ibm checkpoint +7 more

Related CVEs

CVE-2026-3550 5.3
CVE-2026-33192 N/A
CVE-2026-33080 7.3
CVE-2026-33075 N/A
CVE-2026-33072 8.2