10.0
CRITICAL
CVE-2014-7187
GNU Bash Off-by-one Error Vulnerability
Description

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.

INFO

Published Date :

Sept. 28, 2014, 7:55 p.m.

Last Modified :

Oct. 9, 2018, 7:52 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

10.0

Exploitability Score :

10.0
Public PoC/Exploit Available at Github

CVE-2014-7187 has a 23 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2014-7187 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Gnu bash
: Total Affected Vendor : 1 | Products : 1
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2014-7187.

URL Resource
http://jvn.jp/en/jp/JVN55667175/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126
http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html
http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html
http://marc.info/?l=bugtraq&m=141330468527613&w=2
http://marc.info/?l=bugtraq&m=141345648114150&w=2
http://marc.info/?l=bugtraq&m=141383026420882&w=2
http://marc.info/?l=bugtraq&m=141383081521087&w=2
http://marc.info/?l=bugtraq&m=141383138121313&w=2
http://marc.info/?l=bugtraq&m=141383196021590&w=2
http://marc.info/?l=bugtraq&m=141383244821813&w=2
http://marc.info/?l=bugtraq&m=141383304022067&w=2
http://marc.info/?l=bugtraq&m=141450491804793&w=2
http://marc.info/?l=bugtraq&m=141576728022234&w=2
http://marc.info/?l=bugtraq&m=141577137423233&w=2
http://marc.info/?l=bugtraq&m=141577241923505&w=2
http://marc.info/?l=bugtraq&m=141577297623641&w=2
http://marc.info/?l=bugtraq&m=141585637922673&w=2
http://marc.info/?l=bugtraq&m=141694386919794&w=2
http://marc.info/?l=bugtraq&m=141879528318582&w=2
http://marc.info/?l=bugtraq&m=142118135300698&w=2
http://marc.info/?l=bugtraq&m=142289270617409&w=2
http://marc.info/?l=bugtraq&m=142358026505815&w=2
http://marc.info/?l=bugtraq&m=142358078406056&w=2
http://marc.info/?l=bugtraq&m=142721162228379&w=2
http://openwall.com/lists/oss-security/2014/09/25/32 Exploit
http://openwall.com/lists/oss-security/2014/09/26/2
http://openwall.com/lists/oss-security/2014/09/28/10
http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html
http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html
http://rhn.redhat.com/errata/RHSA-2014-1311.html
http://rhn.redhat.com/errata/RHSA-2014-1312.html
http://rhn.redhat.com/errata/RHSA-2014-1354.html
http://seclists.org/fulldisclosure/2014/Oct/0
http://secunia.com/advisories/58200
http://secunia.com/advisories/59907
http://secunia.com/advisories/60024
http://secunia.com/advisories/60034
http://secunia.com/advisories/60044
http://secunia.com/advisories/60055
http://secunia.com/advisories/60063
http://secunia.com/advisories/60193
http://secunia.com/advisories/60433
http://secunia.com/advisories/61065
http://secunia.com/advisories/61128
http://secunia.com/advisories/61129
http://secunia.com/advisories/61188
http://secunia.com/advisories/61283
http://secunia.com/advisories/61287
http://secunia.com/advisories/61291
http://secunia.com/advisories/61312
http://secunia.com/advisories/61313
http://secunia.com/advisories/61328
http://secunia.com/advisories/61442
http://secunia.com/advisories/61479
http://secunia.com/advisories/61485
http://secunia.com/advisories/61503
http://secunia.com/advisories/61550
http://secunia.com/advisories/61552
http://secunia.com/advisories/61565
http://secunia.com/advisories/61603
http://secunia.com/advisories/61618
http://secunia.com/advisories/61622
http://secunia.com/advisories/61633
http://secunia.com/advisories/61636
http://secunia.com/advisories/61641
http://secunia.com/advisories/61643
http://secunia.com/advisories/61654
http://secunia.com/advisories/61703
http://secunia.com/advisories/61816
http://secunia.com/advisories/61855
http://secunia.com/advisories/61857
http://secunia.com/advisories/61873
http://secunia.com/advisories/62312
http://secunia.com/advisories/62343
http://support.apple.com/HT204244
http://support.novell.com/security/cve/CVE-2014-7187.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915
http://www-01.ibm.com/support/docview.wss?uid=swg21685604
http://www-01.ibm.com/support/docview.wss?uid=swg21685733
http://www-01.ibm.com/support/docview.wss?uid=swg21685749
http://www-01.ibm.com/support/docview.wss?uid=swg21685914
http://www-01.ibm.com/support/docview.wss?uid=swg21686084
http://www-01.ibm.com/support/docview.wss?uid=swg21686131
http://www-01.ibm.com/support/docview.wss?uid=swg21686246
http://www-01.ibm.com/support/docview.wss?uid=swg21686445
http://www-01.ibm.com/support/docview.wss?uid=swg21686447
http://www-01.ibm.com/support/docview.wss?uid=swg21686479
http://www-01.ibm.com/support/docview.wss?uid=swg21686494
http://www-01.ibm.com/support/docview.wss?uid=swg21687079
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164
http://www.novell.com/support/kb/doc.php?id=7015721
http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html
http://www.qnap.com/i/en/support/con_show.php?cid=61
http://www.securityfocus.com/archive/1/533593/100/0/threaded
http://www.ubuntu.com/usn/USN-2364-1
http://www.vmware.com/security/advisories/VMSA-2014-0010.html
https://kb.bluecoat.com/index?page=content&id=SA82
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648
https://kc.mcafee.com/corporate/index?page=content&id=SB10085
https://support.apple.com/HT205267
https://support.citrix.com/article/CTX200217
https://support.citrix.com/article/CTX200223
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts
https://www.suse.com/support/shellshock/

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
demining/ShellShock-Attack

ShellShock Attack vulnerability on “Bitcoin” & “Ethereum” server discovered in GNU Bash cryptocurrency exchange

attack bash bitcoin bitcoin-wallet gnu gnu-linux hacking shell vulnerability blockchain blockchain-technology

Shell Python PHP HTML JavaScript

Updated: 3 months, 1 week ago
3 stars 2 fork 2 watcher
Born at : Sept. 9, 2023, 11:56 a.m. This repo has been linked 6 different CVEs too.
Profile Photo
9069332997/session-1-full-stack

zomotoa food app

Updated: 1 year, 5 months ago
0 stars 0 fork 0 watcher
Born at : June 9, 2023, 7:24 a.m. This repo has been linked 39 different CVEs too.
Profile Photo
httpEduardo/ShellTHEbest

None

Python

Updated: 1 year, 5 months ago
0 stars 0 fork 0 watcher
Born at : March 22, 2023, 5:16 a.m. This repo has been linked 3 different CVEs too.
Profile Photo
CyberlearnbyVK/redteam-notebook

None

Updated: 1 year, 7 months ago
2 stars 0 fork 0 watcher
Born at : Nov. 11, 2022, 7:23 p.m. This repo has been linked 6 different CVEs too.
Profile Photo
giterlizzi/secdb-feeds

SecDB

Updated: 2 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : July 1, 2022, 8:37 p.m. This repo has been linked 82 different CVEs too.
Profile Photo
Parist0nH1ll/Vulnerabilities-Write-Ups

None

Updated: 7 months ago
2 stars 0 fork 0 watcher
Born at : March 30, 2022, 7:09 p.m. This repo has been linked 38 different CVEs too.
Profile Photo
readloud/ShellShockHunter-v1.0

It's a simple tool for test vulnerability shellshock

shellshock shellshock-vulnerability shellshock-trainer

Python

Updated: 2 years, 8 months ago
0 stars 0 fork 0 watcher
Born at : March 8, 2022, 5:44 a.m. This repo has been linked 6 different CVEs too.
Profile Photo
MrCl0wnLab/ShellShockHunter

It's a simple tool for test vulnerability shellshock

python hacking shellshock vulnerability scanner security-tools

Python

Updated: 3 months ago
107 stars 34 fork 34 watcher
Born at : Feb. 1, 2021, 7:10 a.m. This repo has been linked 6 different CVEs too.
Profile Photo
meherarfaoui09/meher

None

Updated: 4 years, 5 months ago
0 stars 0 fork 0 watcher
Born at : June 10, 2020, 8:20 p.m. This repo has been linked 18 different CVEs too.
Profile Photo
inspirion87/w-test

None

Updated: 5 years ago
0 stars 0 fork 0 watcher
Born at : Oct. 28, 2019, 1:54 p.m. This repo has been linked 6 different CVEs too.
Profile Photo
foobarto/redteam-notebook

Collection of commands, tips and tricks and references I found useful during preparation for OSCP exam.

Updated: 3 months, 1 week ago
426 stars 126 fork 126 watcher
Born at : Jan. 2, 2018, 7:06 p.m. This repo has been linked 6 different CVEs too.
Profile Photo
ankh2054/linux-pentest

Linux pentest tools

Python Shell

Updated: 3 months, 1 week ago
86 stars 36 fork 36 watcher
Born at : June 22, 2016, 9:26 a.m. This repo has been linked 4 different CVEs too.
Profile Photo
xdistro/ShellShock

:octocat: Shellshock is a vulnerability in GNU's bash shell that gives attackers access to run remote commands on a vulnerable system

Shell HTML JavaScript CSS

Updated: 3 years, 3 months ago
6 stars 1 fork 1 watcher
Born at : Aug. 30, 2015, 9:57 a.m. This repo has been linked 6 different CVEs too.
Profile Photo
googleinurl/Xpl-SHELLSHOCK-Ch3ck

The tool inject a malicious user agent that allows exploring the vulnerabildiade sheelshock running server-side commands.

PHP

Updated: 10 months, 4 weeks ago
9 stars 2 fork 2 watcher
Born at : May 1, 2015, 7:39 p.m. This repo has been linked 6 different CVEs too.
Profile Photo
UMDTERPS/Shell-Shock-Update

This will update bash bug

Shell

Updated: 9 years, 11 months ago
0 stars 0 fork 0 watcher
Born at : Dec. 17, 2014, 3:41 p.m. This repo has been linked 4 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2014-7187 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2014-7187 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Oct. 09, 2018

    Action Type Old Value New Value
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/533593/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/533593/100/0/threaded [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 09, 2018

    Action Type Old Value New Value
    Added Reference https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183 [No Types Assigned]
    Added Reference https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075 [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 03, 2017

    Action Type Old Value New Value
    Added Reference https://kc.mcafee.com/corporate/index?page=content&id=SB10085 [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 10, 2015

    Action Type Old Value New Value
    Added Reference http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
    Added Reference https://support.apple.com/HT205267
  • CVE Modified by [email protected]

    May. 12, 2015

    Action Type Old Value New Value
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2015:164
  • CVE Modified by [email protected]

    Mar. 27, 2015

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=142721162228379&w=2
  • CVE Modified by [email protected]

    Mar. 18, 2015

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=142118135300698&w=2
  • CVE Modified by [email protected]

    Mar. 12, 2015

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=142358026505815&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142358078406056&w=2
    Added Reference http://marc.info/?l=bugtraq&m=142289270617409&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141879528318582&w=2
  • CVE Modified by [email protected]

    Jan. 31, 2015

    Action Type Old Value New Value
    Added Reference http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
    Added Reference http://support.apple.com/HT204244
  • CVE Modified by [email protected]

    Dec. 24, 2014

    Action Type Old Value New Value
    Added Reference http://secunia.com/advisories/62343
    Added Reference http://secunia.com/advisories/62312
  • CVE Modified by [email protected]

    Dec. 03, 2014

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=141694386919794&w=2
  • CVE Modified by [email protected]

    Nov. 20, 2014

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=141577241923505&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141576728022234&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141577297623641&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141577137423233&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141585637922673&w=2
  • CVE Modified by [email protected]

    Nov. 14, 2014

    Action Type Old Value New Value
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21686447
    Added Reference http://rhn.redhat.com/errata/RHSA-2014-1354.html
    Added Reference http://secunia.com/advisories/61873
  • Initial Analysis by [email protected]

    Sep. 29, 2014

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

97.31 }} 0.03%

score

0.99901

percentile

CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability
: