Summary
This host is installed with GNU Bash Shell
and is prone to command execution vulnerability.
Impact
Successful exploitation will allow
attackers to execute arbitrary commands.
Impact Level: System/Application
Solution
Apply the appropriate patch. For
updates refer to refer to http://www.gnu.org/software/bash/
Insight
GNU bash contains an off-by-one overflow
condition that is triggered when handling deeply nested flow control constructs.
Affected
GNU Bash through 4.3 bash43-026
Detection
Login to the target machine with ssh
credentials and check its possible to execute the commands via GNU bash shell.
References
Severity
Classification
-
CVE CVE-2014-7187 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities