VIR Vulnerability Intelligence Relay

CVE-2014-7169

unknown KEV
Published 2022-01-28 · Modified 2022-01-28
💬 Discuss on Community ✚ Propose mitigation
CVSS v3
CVSS v4 NEW
not yet in upstream
VIR risk
2.5

Description

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271.

CISA KEV

Vendor
GNU
Product
Bourne-Again Shell (Bash)
Due date
2022-07-28

Predictions

Exploit likelihood
99%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Exploit-DB

EDB-36933 remote linux verified
fdiskyou · 2014-09-29

dhclient 4.1 - Bash Environment Variable Command Injection (Shellshock)

Source code queued for fetch — refresh in a moment.
EDB-34879 remote linux
hobbily plunt · 2014-10-04

OpenVPN 2.2.29 - 'Shellshock' Remote Command Injection

Source code queued for fetch — refresh in a moment.
EDB-34896 remote linux verified
Phil Blank · 2014-10-06

Postfix SMTP 4.2.x < 4.2.48 - 'Shellshock' Remote Command Injection

Source code queued for fetch — refresh in a moment.
EDB-34862 remote linux verified
Metasploit · 2014-10-02

Pure-FTPd - External Authentication Bash Environment Variable Code Injection (Metasploit)

Source code queued for fetch — refresh in a moment.
EDB-35146 webapps php
Ryan King (Starfall) · 2014-11-03

PHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection

Source code queued for fetch — refresh in a moment.
EDB-34839 webapps cgi verified
Claudio Viviani · 2014-10-01

IPFire - CGI Web Interface (Authenticated) Bash Environment Variable Code Injection

Source code queued for fetch — refresh in a moment.
EDB-34777 remote cgi verified
Shaun Colley · 2014-09-25

GNU Bash - Environment Variable Command Injection (Metasploit)

Source code queued for fetch — refresh in a moment.
EDB-34895 webapps cgi verified
Fady Mohammed Osman · 2014-10-06

Bash CGI - 'Shellshock' Remote Command Injection (Metasploit)

Source code queued for fetch — refresh in a moment.
EDB-36503 remote hardware
Patrick Pellegrino · 2015-03-26

QNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit)

Source code queued for fetch — refresh in a moment.
EDB-36504 remote hardware
Patrick Pellegrino · 2015-03-26

QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection (Metasploit)

Source code queued for fetch — refresh in a moment.
EDB-34766 remote linux verified
Prakhar Prasad & Subho Halder · 2014-09-25

Bash - 'Shellshock' Environment Variables Command Injection

Source code queued for fetch — refresh in a moment.
EDB-35115 remote linux verified
Metasploit · 2014-10-29

CUPS Filter - Bash Environment Variable Code Injection (Metasploit)

Source code queued for fetch — refresh in a moment.
EDB-34765 remote linux verified
Stephane Chazelas · 2014-09-25

GNU Bash - 'Shellshock' Environment Variable Command Injection

Source code queued for fetch — refresh in a moment.
EDB-34860 remote linux
@0x00string · 2014-10-02

GNU bash 4.3.11 - Environment Variable dhclient

Source code queued for fetch — refresh in a moment.
EDB-36609 webapps multiple
Roberto Suggi Liverani · 2015-04-02

Kemp Load Master 7.1.16 - Multiple Vulnerabilities

Source code queued for fetch — refresh in a moment.

OS impact
debian Debian Fixed 5 releases
VersionStatusFixed in
trixie Fixed 4.3-9.2
sid Fixed 4.3-9.2
forky Fixed 4.3-9.2
bullseye Fixed 4.3-9.2
bookworm Fixed 4.3-9.2

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.