GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
CVE-2014-7169 | GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
CVE-2014-7169 allows environment variables set from service/HTTP requests on a serve (e.g. HTTP_COOKIE) in Bash shell that allows for spawning a child shell with the authority/privilege level of the parent shell to perform RCE of code provided by the adversary in the request.
References
|
CVE-2014-7169 | GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability | exploitation_technique | T1133 | External Remote Services |
Comments
CVE-2014-7169 allows environment variables set from service/HTTP requests on a serve (e.g. HTTP_COOKIE) in Bash shell that allows for spawning a child shell with the authority/privilege level of the parent shell to perform RCE of code provided by the adversary in the request.
References
|
CVE-2014-7169 | GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability | primary_impact | T1059.004 | Unix Shell |
Comments
CVE-2014-7169 allows environment variables set from service/HTTP requests on a serve (e.g. HTTP_COOKIE) in Bash shell that allows for spawning a child shell with the authority/privilege level of the parent shell to perform RCE of code provided by the adversary in the request.
References
|