GNU Bash Remote Code Execution Vulnerability
Schweregrad:: Kritisch
CVE Identifier: 2014-6277,2014-6278,CVE-2014-7169,2014-6271
Hinweisdatum: 16 Juni 2016
Beschreibung
GNU Bash is prone to a remote code execution vulnerability when it incorrectly processes trailing strings after certain malformed function definitions in the values of environment variables which allows remote attackers to write to files or possibly have unknown other impact via a crafted request.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1006256
Trend Micro Deep Security DPI Rule Name: 1006256 - GNU Bash Remote Code Execution Vulnerability
Betroffene Software und Version:
- gnu bash 1.14.0
- gnu bash 1.14.1
- gnu bash 1.14.2
- gnu bash 1.14.3
- gnu bash 1.14.4
- gnu bash 1.14.5
- gnu bash 1.14.6
- gnu bash 1.14.7
- gnu bash 2.0
- gnu bash 2.01
- gnu bash 2.01.1
- gnu bash 2.02
- gnu bash 2.02.1
- gnu bash 2.03
- gnu bash 2.04
- gnu bash 2.05
- gnu bash 3.0
- gnu bash 3.0.16
- gnu bash 3.1
- gnu bash 3.2
- gnu bash 3.2.48
- gnu bash 4.0
- gnu bash 4.1
- gnu bash 4.2
- gnu bash 4.3