GNU Bash Remote Code Execution Vulnerability
Gravedad: Crítico
CVE Identifier: 2014-6277,2014-6278,CVE-2014-7169,2014-6271
Fecha recomendada: 16 de junio de 2016
Descripción
GNU Bash is prone to a remote code execution vulnerability when it incorrectly processes trailing strings after certain malformed function definitions in the values of environment variables which allows remote attackers to write to files or possibly have unknown other impact via a crafted request.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1006256
Trend Micro Deep Security DPI Rule Name: 1006256 - GNU Bash Remote Code Execution Vulnerability
Software y versión afectados
- gnu bash 1.14.0
- gnu bash 1.14.1
- gnu bash 1.14.2
- gnu bash 1.14.3
- gnu bash 1.14.4
- gnu bash 1.14.5
- gnu bash 1.14.6
- gnu bash 1.14.7
- gnu bash 2.0
- gnu bash 2.01
- gnu bash 2.01.1
- gnu bash 2.02
- gnu bash 2.02.1
- gnu bash 2.03
- gnu bash 2.04
- gnu bash 2.05
- gnu bash 3.0
- gnu bash 3.0.16
- gnu bash 3.1
- gnu bash 3.2
- gnu bash 3.2.48
- gnu bash 4.0
- gnu bash 4.1
- gnu bash 4.2
- gnu bash 4.3