GNU Bash Environment Variable Handling Shell Remote Command Execution Vulnerability (FTP Check) Network Vulnerability

Summary

This host is installed with GNU Bash Shell and is prone to remote command execution vulnerability.

Impact

Successful exploitation will allow remote or local attackers to inject shell commmands, allowing local privilege escalation or remote command execution depending on the application vector. Impact Level: Application

Solution

Apply the patch or upgrade to latest version, For updates refer to http://www.gnu.org/software/bash/

Insight

GNU bash contains a flaw that is triggered when evaluating environment variables passed from another environment. After processing a function definition, bash continues to process trailing strings.

Affected

GNU Bash through 4.3

Detection

Send a FTP login request and check remote command execution.

References

https://access.redhat.com/solutions/1207723
https://blogs.akamai.com/2014/09/environment-bashing.html
https://bugzilla.redhat.com/show_bug.cgi?id=1141597
https://community.qualys.com/blogs/securitylabs/2014/09/24/
https://gist.github.com/jedisct1/88c62ee34e6fa92c31dc

Updated on 2017-03-28

Severity

Classification

CVE CVE-2014-6271, CVE-2014-6278

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Open-FTPD Authentication Bypass Vulnerability
WS FTP server multiple flaws
Null FTP Server SITE Command Execution Vulnerability
Serv-U FTP Server Jail Break
Golden FTP Server Malformed Message Denial Of Service Vulnerability

Take action and discover your vulnerabilities