Bash Vulnerability Shellshock (CVE-2014-6271)

Publish date: November 18, 2014

Severity: CRITICAL

CVE Identifier: CVE-2014-6271

Advisory Date: SEP 25, 2014

DESCRIPTION

This vulnerability, which is found existing in certain versions of GNU Bourne Again Shell (Bash) can allow an attacker to execute commands on an affected system. It allows for remote code execution on servers that run these Linux distributions. Bash is used by most Unix and Linux systems, as well as OS X. This vulnerability was reportedly being exploited in the wild already. Trend Micro spotted samples, which are actual payload of the said exploit code. Trend Micro detects this as ELF_BASHLITE.A.

All versions of Bash up to and including version 4.3 are vulnerable.

TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Discovery protects network connections via the following rule:

CVE-2014-6271-SHELLSHOCK_REQUEST

Trend Micro Deep Discovery also has the following DDI rule:

1618 – Shellshock HTTP REQUEST

Trend Micro Deep Security protects users from this threat via the following update (DSRU14-028) and rule:

1006256 – GNU Bash Remote Code Execution Vulnerability

SOLUTION

Trend Micro Deep Security DPI Rule Number: 1006256

Trend Micro Deep Security DPI Rule Name: 1006256 - GNU Bash Remote Code Execution Vulnerability

OTHER INFORMATION

Shellshock

Shellshock: A Technical Report

About the Shellshock Vulnerability: The Basics of the "Bash Bug"

Trend Micro products and the Shellshock – Linux Bash Vulnerability (Bash Bug) [CVE-2014-6271 and CVE-2014-7169]

Get FREE protection for Shellshock

Related Blog Entries

Related Vulnerability

Related Malware

Featured Stories

$Unveiling AI Agent Vulnerabilities Part IV: Database Access Vulnerabilities$
Unveiling AI Agent Vulnerabilities Part IV: Database Access Vulnerabilities
How can attackers exploit weaknesses in database-enabled AI agents? This research explores how SQL generation vulnerabilities, stored prompt injection, and vector store poisoning can be weaponized by attackers for fraudulent activities.
Read more
$The Mirage of AI Programming: Hallucinations and Code Integrity$
The Mirage of AI Programming: Hallucinations and Code Integrity
The adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.
Read more
$Open Ran Attack of xApps$
Open RAN: Attack of the xApps
This article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handling
Read more
$A Closer Exploration of Residential Proxies and CAPTCHA-Breaking Services$
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking Services
This article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.
Read more