Main Vulnerability Database Exploits ID:904 - Exploit for Off-by-one error in Bash - CVE-2014-7187

ID:904 - Exploit for Off-by-one error in Bash - CVE-2014-7187

Published: March 18, 2020

Vulnerability identifier: #VU5328

Vulnerability risk: Critical

CVE-ID: CVE-2014-7187

CWE-ID: CWE-193

Exploitation vector: Remote access

Vulnerable software:
Bash

Link to public exploit:

https://www.exploit-db.com/exploits/34860/

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to off-by-one-error when handling deeply nested flow control constructs. A remote attacker can trigger memory corruption and execute arbitrary code with privileges of the current user.

Exploitation example:

(for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
echo "CVE-2014-7187 vulnerable, word_lineno"

Successful exploitation results in arbitrary code execution on the vulnerable system.

Note: this vulnerability was being actively exploited.

Remediation

Update GNU Bash to version 4.3 bash43-027.

ID:904 - Exploit for Off-by-one error in Bash - CVE-2014-7187

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human