10.0
HIGH CVSS 2.0
CVE-2014-6277
Apache HTTP Server Bash Environment Variable Injection Vulnerability
Description

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.

INFO

Published Date :

Sept. 27, 2014, 10:55 p.m.

Last Modified :

April 12, 2025, 10:46 a.m.

Remotely Exploit :

Yes !
Affected Products

The following products are affected by CVE-2014-6277 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Gnu bash
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 2.0 HIGH [email protected]
Solution
This vulnerability allows for arbitrary code execution. It is recommended to update affected software to resolve this issue.
  • Update the affected bash package.
  • Apply the relevant patches or upgrades as recommended by the vendor advisories.
Public PoC/Exploit Available at Github

CVE-2014-6277 has a 22 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2014-6277.

URL Resource
http://jvn.jp/en/jp/JVN55667175/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126
http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html Exploit Patch
http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html
http://linux.oracle.com/errata/ELSA-2014-3093
http://linux.oracle.com/errata/ELSA-2014-3094
http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html
http://marc.info/?l=bugtraq&m=141330468527613&w=2
http://marc.info/?l=bugtraq&m=141345648114150&w=2
http://marc.info/?l=bugtraq&m=141383026420882&w=2
http://marc.info/?l=bugtraq&m=141383081521087&w=2
http://marc.info/?l=bugtraq&m=141383196021590&w=2
http://marc.info/?l=bugtraq&m=141383244821813&w=2
http://marc.info/?l=bugtraq&m=141383304022067&w=2
http://marc.info/?l=bugtraq&m=141383353622268&w=2
http://marc.info/?l=bugtraq&m=141383465822787&w=2
http://marc.info/?l=bugtraq&m=141450491804793&w=2
http://marc.info/?l=bugtraq&m=141576728022234&w=2
http://marc.info/?l=bugtraq&m=141577137423233&w=2
http://marc.info/?l=bugtraq&m=141577241923505&w=2
http://marc.info/?l=bugtraq&m=141577297623641&w=2
http://marc.info/?l=bugtraq&m=141585637922673&w=2
http://marc.info/?l=bugtraq&m=141879528318582&w=2
http://marc.info/?l=bugtraq&m=141879528318582&w=2
http://marc.info/?l=bugtraq&m=142118135300698&w=2
http://marc.info/?l=bugtraq&m=142118135300698&w=2
http://marc.info/?l=bugtraq&m=142118135300698&w=2
http://marc.info/?l=bugtraq&m=142289270617409&w=2
http://marc.info/?l=bugtraq&m=142289270617409&w=2
http://marc.info/?l=bugtraq&m=142358026505815&w=2
http://marc.info/?l=bugtraq&m=142358026505815&w=2
http://marc.info/?l=bugtraq&m=142358078406056&w=2
http://marc.info/?l=bugtraq&m=142721162228379&w=2
http://marc.info/?l=bugtraq&m=142721162228379&w=2
http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html
http://secunia.com/advisories/58200
http://secunia.com/advisories/59907
http://secunia.com/advisories/59961
http://secunia.com/advisories/60024
http://secunia.com/advisories/60034
http://secunia.com/advisories/60044
http://secunia.com/advisories/60055
http://secunia.com/advisories/60063
http://secunia.com/advisories/60193
http://secunia.com/advisories/60325
http://secunia.com/advisories/60433
http://secunia.com/advisories/61065
http://secunia.com/advisories/61128
http://secunia.com/advisories/61129
http://secunia.com/advisories/61283
http://secunia.com/advisories/61287
http://secunia.com/advisories/61291
http://secunia.com/advisories/61312
http://secunia.com/advisories/61313
http://secunia.com/advisories/61328
http://secunia.com/advisories/61442
http://secunia.com/advisories/61471
http://secunia.com/advisories/61485
http://secunia.com/advisories/61503
http://secunia.com/advisories/61550
http://secunia.com/advisories/61552
http://secunia.com/advisories/61565
http://secunia.com/advisories/61603
http://secunia.com/advisories/61633
http://secunia.com/advisories/61641
http://secunia.com/advisories/61643
http://secunia.com/advisories/61654
http://secunia.com/advisories/61703
http://secunia.com/advisories/61780
http://secunia.com/advisories/61816
http://secunia.com/advisories/61857
http://secunia.com/advisories/62312
http://secunia.com/advisories/62343
http://support.apple.com/HT204244
http://support.novell.com/security/cve/CVE-2014-6277.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915
http://www-01.ibm.com/support/docview.wss?uid=swg21685541
http://www-01.ibm.com/support/docview.wss?uid=swg21685604
http://www-01.ibm.com/support/docview.wss?uid=swg21685733
http://www-01.ibm.com/support/docview.wss?uid=swg21685749
http://www-01.ibm.com/support/docview.wss?uid=swg21685914
http://www-01.ibm.com/support/docview.wss?uid=swg21686131
http://www-01.ibm.com/support/docview.wss?uid=swg21686246
http://www-01.ibm.com/support/docview.wss?uid=swg21686445
http://www-01.ibm.com/support/docview.wss?uid=swg21686479
http://www-01.ibm.com/support/docview.wss?uid=swg21686494
http://www-01.ibm.com/support/docview.wss?uid=swg21687079
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164
http://www.novell.com/support/kb/doc.php?id=7015721
http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html
http://www.qnap.com/i/en/support/con_show.php?cid=61
http://www.ubuntu.com/usn/USN-2380-1
http://www.vmware.com/security/advisories/VMSA-2014-0010.html
https://kb.bluecoat.com/index?page=content&id=SA82
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648
https://kc.mcafee.com/corporate/index?page=content&id=SB10085
https://support.apple.com/HT205267
https://support.citrix.com/article/CTX200217
https://support.citrix.com/article/CTX200223
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts
https://www.suse.com/support/shellshock/
http://jvn.jp/en/jp/JVN55667175/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126
http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html Exploit Patch
http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html
http://linux.oracle.com/errata/ELSA-2014-3093
http://linux.oracle.com/errata/ELSA-2014-3094
http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html
http://marc.info/?l=bugtraq&m=141330468527613&w=2
http://marc.info/?l=bugtraq&m=141345648114150&w=2
http://marc.info/?l=bugtraq&m=141383026420882&w=2
http://marc.info/?l=bugtraq&m=141383081521087&w=2
http://marc.info/?l=bugtraq&m=141383196021590&w=2
http://marc.info/?l=bugtraq&m=141383244821813&w=2
http://marc.info/?l=bugtraq&m=141383304022067&w=2
http://marc.info/?l=bugtraq&m=141383353622268&w=2
http://marc.info/?l=bugtraq&m=141383465822787&w=2
http://marc.info/?l=bugtraq&m=141450491804793&w=2
http://marc.info/?l=bugtraq&m=141576728022234&w=2
http://marc.info/?l=bugtraq&m=141577137423233&w=2
http://marc.info/?l=bugtraq&m=141577241923505&w=2
http://marc.info/?l=bugtraq&m=141577297623641&w=2
http://marc.info/?l=bugtraq&m=141585637922673&w=2
http://marc.info/?l=bugtraq&m=141879528318582&w=2
http://marc.info/?l=bugtraq&m=141879528318582&w=2
http://marc.info/?l=bugtraq&m=142118135300698&w=2
http://marc.info/?l=bugtraq&m=142118135300698&w=2
http://marc.info/?l=bugtraq&m=142118135300698&w=2
http://marc.info/?l=bugtraq&m=142289270617409&w=2
http://marc.info/?l=bugtraq&m=142289270617409&w=2
http://marc.info/?l=bugtraq&m=142358026505815&w=2
http://marc.info/?l=bugtraq&m=142358026505815&w=2
http://marc.info/?l=bugtraq&m=142358078406056&w=2
http://marc.info/?l=bugtraq&m=142721162228379&w=2
http://marc.info/?l=bugtraq&m=142721162228379&w=2
http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html
http://secunia.com/advisories/58200
http://secunia.com/advisories/59907
http://secunia.com/advisories/59961
http://secunia.com/advisories/60024
http://secunia.com/advisories/60034
http://secunia.com/advisories/60044
http://secunia.com/advisories/60055
http://secunia.com/advisories/60063
http://secunia.com/advisories/60193
http://secunia.com/advisories/60325
http://secunia.com/advisories/60433
http://secunia.com/advisories/61065
http://secunia.com/advisories/61128
http://secunia.com/advisories/61129
http://secunia.com/advisories/61283
http://secunia.com/advisories/61287
http://secunia.com/advisories/61291
http://secunia.com/advisories/61312
http://secunia.com/advisories/61313
http://secunia.com/advisories/61328
http://secunia.com/advisories/61442
http://secunia.com/advisories/61471
http://secunia.com/advisories/61485
http://secunia.com/advisories/61503
http://secunia.com/advisories/61550
http://secunia.com/advisories/61552
http://secunia.com/advisories/61565
http://secunia.com/advisories/61603
http://secunia.com/advisories/61633
http://secunia.com/advisories/61641
http://secunia.com/advisories/61643
http://secunia.com/advisories/61654
http://secunia.com/advisories/61703
http://secunia.com/advisories/61780
http://secunia.com/advisories/61816
http://secunia.com/advisories/61857
http://secunia.com/advisories/62312
http://secunia.com/advisories/62343
http://support.apple.com/HT204244
http://support.novell.com/security/cve/CVE-2014-6277.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915
http://www-01.ibm.com/support/docview.wss?uid=swg21685541
http://www-01.ibm.com/support/docview.wss?uid=swg21685604
http://www-01.ibm.com/support/docview.wss?uid=swg21685733
http://www-01.ibm.com/support/docview.wss?uid=swg21685749
http://www-01.ibm.com/support/docview.wss?uid=swg21685914
http://www-01.ibm.com/support/docview.wss?uid=swg21686131
http://www-01.ibm.com/support/docview.wss?uid=swg21686246
http://www-01.ibm.com/support/docview.wss?uid=swg21686445
http://www-01.ibm.com/support/docview.wss?uid=swg21686479
http://www-01.ibm.com/support/docview.wss?uid=swg21686494
http://www-01.ibm.com/support/docview.wss?uid=swg21687079
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164
http://www.novell.com/support/kb/doc.php?id=7015721
http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html
http://www.qnap.com/i/en/support/con_show.php?cid=61
http://www.ubuntu.com/usn/USN-2380-1
http://www.vmware.com/security/advisories/VMSA-2014-0010.html
https://kb.bluecoat.com/index?page=content&id=SA82
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648
https://kc.mcafee.com/corporate/index?page=content&id=SB10085
https://support.apple.com/HT205267
https://support.citrix.com/article/CTX200217
https://support.citrix.com/article/CTX200223
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts
https://www.suse.com/support/shellshock/
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2014-6277 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

None

Updated: 2 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : May 26, 2025, 1:33 p.m. This repo has been linked 6 different CVEs too.

a *VULNERABLE* docker image containing bash 4.1

Dockerfile Shell PHP

Updated: 7 months ago
0 stars 0 fork 0 watcher
Born at : Jan. 12, 2025, 4:20 p.m. This repo has been linked 6 different CVEs too.

El charqito net

bash bash-script

Shell

Updated: 11 months, 2 weeks ago
1 stars 0 fork 0 watcher
Born at : May 14, 2024, 12:49 p.m. This repo has been linked 3 different CVEs too.

ShellShock Attack vulnerability on “Bitcoin” & “Ethereum” server discovered in GNU Bash cryptocurrency exchange

attack bash bitcoin bitcoin-wallet gnu gnu-linux hacking shell vulnerability blockchain blockchain-technology

Shell Python PHP HTML JavaScript

Updated: 9 months, 3 weeks ago
5 stars 2 fork 2 watcher
Born at : Sept. 9, 2023, 11:56 a.m. This repo has been linked 6 different CVEs too.

SecDB - Security Feeds

cve security-feeds vulnerability

Updated: 2 weeks, 1 day ago
0 stars 0 fork 0 watcher
Born at : July 1, 2022, 8:37 p.m. This repo has been linked 102 different CVEs too.

It's a simple tool for test vulnerability shellshock

shellshock shellshock-vulnerability shellshock-trainer

Python

Updated: 3 years, 5 months ago
0 stars 0 fork 0 watcher
Born at : March 8, 2022, 5:44 a.m. This repo has been linked 6 different CVEs too.

Find SearchSploit exploits by CVE-IDs / dpkg status file

searchsploit exploits cve

Python

Updated: 4 years, 1 month ago
1 stars 2 fork 2 watcher
Born at : July 14, 2021, 8:29 a.m. This repo has been linked 3 different CVEs too.

It's a simple tool for test vulnerability shellshock

python hacking shellshock vulnerability scanner security-tools

Python

Updated: 5 months, 4 weeks ago
116 stars 34 fork 34 watcher
Born at : Feb. 1, 2021, 7:10 a.m. This repo has been linked 6 different CVEs too.

None

Updated: 5 years, 9 months ago
0 stars 0 fork 0 watcher
Born at : Oct. 28, 2019, 1:54 p.m. This repo has been linked 6 different CVEs too.

None

Shell

Updated: 6 years, 1 month ago
0 stars 0 fork 0 watcher
Born at : July 18, 2019, 10:49 p.m. This repo has been linked 124 different CVEs too.

None

C Perl 6 Perl ASP HTML Rich Text Format Visual Basic TeX Assembly Shell

Updated: 1 year ago
1 stars 1 fork 1 watcher
Born at : June 13, 2019, 1:51 p.m. This repo has been linked 308 different CVEs too.

:octocat: Shellshock is a vulnerability in GNU's bash shell that gives attackers access to run remote commands on a vulnerable system

Shell HTML JavaScript CSS

Updated: 10 months, 1 week ago
7 stars 2 fork 2 watcher
Born at : Aug. 30, 2015, 9:57 a.m. This repo has been linked 6 different CVEs too.

A collection of vulnerabilities discovered by the AFL fuzzer (afl-fuzz)

Updated: 6 months, 2 weeks ago
92 stars 16 fork 16 watcher
Born at : Aug. 27, 2015, 12:26 a.m. This repo has been linked 332 different CVEs too.

The vm images in this repo are lost, we recommend our new project: https://github.com/hust-open-atom-club/S2VulnHub

linux vulnerability reproduction cve edb

Shell C Perl PHP TeX Python Assembly Makefile HTML XSLT

Updated: 1 month, 2 weeks ago
331 stars 74 fork 74 watcher
Born at : July 30, 2015, 10:36 a.m. This repo has been linked 309 different CVEs too.

The tool inject a malicious user agent that allows exploring the vulnerabildiade sheelshock running server-side commands.

PHP

Updated: 1 year, 8 months ago
9 stars 2 fork 2 watcher
Born at : May 1, 2015, 7:39 p.m. This repo has been linked 6 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2014-6277 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2014-6277 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference http://jvn.jp/en/jp/JVN55667175/index.html
    Added Reference http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126
    Added Reference http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html
    Added Reference http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html
    Added Reference http://linux.oracle.com/errata/ELSA-2014-3093
    Added Reference http://linux.oracle.com/errata/ELSA-2014-3094
    Added Reference http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
    Added Reference http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
    Added Reference http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html
    Added Reference http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html
    Added Reference http://marc.info/?l=bugtraq&m=141330468527613&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141345648114150&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141383026420882&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141383081521087&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141383196021590&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141383244821813&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141383304022067&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141383353622268&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141383465822787&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141450491804793&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141576728022234&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141577137423233&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141577241923505&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141577297623641&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141585637922673&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141879528318582&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141879528318582&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142118135300698&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142118135300698&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142118135300698&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142289270617409&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142289270617409&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142358026505815&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142358026505815&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142358078406056&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142721162228379&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142721162228379&w=2
    Added Reference http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html
    Added Reference http://secunia.com/advisories/58200
    Added Reference http://secunia.com/advisories/59907
    Added Reference http://secunia.com/advisories/59961
    Added Reference http://secunia.com/advisories/60024
    Added Reference http://secunia.com/advisories/60034
    Added Reference http://secunia.com/advisories/60044
    Added Reference http://secunia.com/advisories/60055
    Added Reference http://secunia.com/advisories/60063
    Added Reference http://secunia.com/advisories/60193
    Added Reference http://secunia.com/advisories/60325
    Added Reference http://secunia.com/advisories/60433
    Added Reference http://secunia.com/advisories/61065
    Added Reference http://secunia.com/advisories/61128
    Added Reference http://secunia.com/advisories/61129
    Added Reference http://secunia.com/advisories/61283
    Added Reference http://secunia.com/advisories/61287
    Added Reference http://secunia.com/advisories/61291
    Added Reference http://secunia.com/advisories/61312
    Added Reference http://secunia.com/advisories/61313
    Added Reference http://secunia.com/advisories/61328
    Added Reference http://secunia.com/advisories/61442
    Added Reference http://secunia.com/advisories/61471
    Added Reference http://secunia.com/advisories/61485
    Added Reference http://secunia.com/advisories/61503
    Added Reference http://secunia.com/advisories/61550
    Added Reference http://secunia.com/advisories/61552
    Added Reference http://secunia.com/advisories/61565
    Added Reference http://secunia.com/advisories/61603
    Added Reference http://secunia.com/advisories/61633
    Added Reference http://secunia.com/advisories/61641
    Added Reference http://secunia.com/advisories/61643
    Added Reference http://secunia.com/advisories/61654
    Added Reference http://secunia.com/advisories/61703
    Added Reference http://secunia.com/advisories/61780
    Added Reference http://secunia.com/advisories/61816
    Added Reference http://secunia.com/advisories/61857
    Added Reference http://secunia.com/advisories/62312
    Added Reference http://secunia.com/advisories/62343
    Added Reference http://support.apple.com/HT204244
    Added Reference http://support.novell.com/security/cve/CVE-2014-6277.html
    Added Reference http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2015:164
    Added Reference http://www.novell.com/support/kb/doc.php?id=7015721
    Added Reference http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html
    Added Reference http://www.qnap.com/i/en/support/con_show.php?cid=61
    Added Reference http://www.ubuntu.com/usn/USN-2380-1
    Added Reference http://www.vmware.com/security/advisories/VMSA-2014-0010.html
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21685541
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21685604
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21685733
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21685749
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21685914
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21686131
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21686246
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21686445
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21686479
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21686494
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21687079
    Added Reference http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315
    Added Reference https://kb.bluecoat.com/index?page=content&id=SA82
    Added Reference https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648
    Added Reference https://kc.mcafee.com/corporate/index?page=content&id=SB10085
    Added Reference https://support.apple.com/HT205267
    Added Reference https://support.citrix.com/article/CTX200217
    Added Reference https://support.citrix.com/article/CTX200223
    Added Reference https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html
    Added Reference https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075
    Added Reference https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183
    Added Reference https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts
    Added Reference https://www.suse.com/support/shellshock/
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Aug. 09, 2018

    Action Type Old Value New Value
    Added Reference https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183 [No Types Assigned]
    Added Reference https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075 [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 03, 2017

    Action Type Old Value New Value
    Added Reference https://kc.mcafee.com/corporate/index?page=content&id=SB10085 [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 10, 2015

    Action Type Old Value New Value
    Added Reference http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
    Added Reference https://support.apple.com/HT205267
  • CVE Modified by [email protected]

    May. 12, 2015

    Action Type Old Value New Value
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2015:164
  • CVE Modified by [email protected]

    Mar. 27, 2015

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=142721162228379&w=2
  • CVE Modified by [email protected]

    Mar. 18, 2015

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=142118135300698&w=2
  • CVE Modified by [email protected]

    Mar. 12, 2015

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=142358026505815&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142358078406056&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142289270617409&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141879528318582&w=2
  • CVE Modified by [email protected]

    Jan. 31, 2015

    Action Type Old Value New Value
    Added Reference http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
    Added Reference http://support.apple.com/HT204244
  • CVE Modified by [email protected]

    Dec. 24, 2014

    Action Type Old Value New Value
    Added Reference http://secunia.com/advisories/62312
    Added Reference http://secunia.com/advisories/59961
    Added Reference http://secunia.com/advisories/62343
    Added Reference http://linux.oracle.com/errata/ELSA-2014-3093
    Added Reference http://linux.oracle.com/errata/ELSA-2014-3094
  • CVE Modified by [email protected]

    Nov. 20, 2014

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=141577137423233&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141577241923505&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141576728022234&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141577297623641&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141585637922673&w=2
  • CVE Modified by [email protected]

    Nov. 14, 2014

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=141383465822787&w=2
  • Initial Analysis by [email protected]

    Sep. 29, 2014

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
Base CVSS Score: 10
Access Vector
Access Complexity
Authentication
Confidentiality Impact
Integrity Impact
Availability Impact
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

86.46 }} 3.36%

score

0.99368

percentile