Code Execution Vulnerability in GNU Bash by GNU
CVE-2014-6277

Currently unrated

Key Information:

Vendor

Gnu
Status
Bash
Vendor
CVE Published:
27 September 2014

What is CVE-2014-6277?

GNU Bash, through version 4.3, improperly parses function definitions in environment variables, enabling remote attackers to execute arbitrary code or induce a denial of service. This vulnerability arises from crafted environments that exploit command execution contexts across privilege boundaries, affecting various services such as OpenSSH's ForceCommand feature, Apache's mod_cgi and mod_cgid modules, and potentially untrusted scripts executed by DHCP clients. The issue stems from an incomplete fix related to previous vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685749
x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141577137423233&w=2
vendor-advisoryx_refsource_HP

EPSS Score

87% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.