GNU Bash Environment Variable Command Injection Vulnerability (CVE-2014-6277)
Publish date: 19 de diciembre de 2014
Gravedad: Crítico
Identificadores de CVE : CVE-2014-6277
Fecha recomendada: 27 de septiembre de 2014
Descripción
This remote code execution vulnerability exists in the parsing of function definitions in GNU Bash through 4.3 bash43-026 does not properly parse function. When exploited successfully, it may allow remote attackers to execute arbitrary code or cause a denial of service.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1006256
Trend Micro Deep Security DPI Rule Name: 1006256 - GNU Bash Remote Code Execution Vulnerability