Main Vulnerability Database Exploits ID:1780 - Exploit for Command injection in Bash - CVE-2014-6278

ID:1780 - Exploit for Command injection in Bash - CVE-2014-6278

Published: March 18, 2020

Vulnerability identifier: #VU5322

Vulnerability risk: Critical

CVE-ID: CVE-2014-6278

CWE-ID: CWE-77

Exploitation vector: Remote access

Vulnerable software:
Bash

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/multi/http/apache_mod_cgi_bash_env_exec

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to an incomplete fix related to the parsing of user scripts. By using attack vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, a remote attacker can execute arbitrary code with privileges of the current user. The vulnerability was introduced by incorrect patching of vulnerabilities #1 (CVE-2014-6271), #2 (CVE-2014-7169) and #3 (CVE-2014-6277)

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: this vulnerability was being actively exploited.

Remediation

Update GNU Bash to version 4.3 bash43-027.

ID:1780 - Exploit for Command injection in Bash - CVE-2014-6278

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human