Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

CVE-2014-6277

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.

SeverityHIGH
CVSS10.0
CWECWE-78
KEV
Published
Modified

Related Products

Product Advisory Evidence
Cisco Wide Area Application Services (WAAS) cisco-sa-20140926-bash Cisco OpenVuln
Cisco WebEx Node for MCS cisco-sa-20140926-bash Cisco OpenVuln
Cisco WebEx Node for ASR 1000 Series cisco-sa-20140926-bash Cisco OpenVuln
Cisco Virtualization Experience Client 6000 Series Firmware cisco-sa-20140926-bash Cisco OpenVuln
Cisco Videoscape Distribution Suite Service Broker cisco-sa-20140926-bash Cisco OpenVuln
Cisco Video Surveillance Media Server Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco Universal Small Cell Series Firmware cisco-sa-20140926-bash Cisco OpenVuln
Cisco Unity Connection cisco-sa-20140926-bash Cisco OpenVuln
Cisco Unity cisco-sa-20140926-bash Cisco OpenVuln
Cisco Unified Intelligence Center cisco-sa-20140926-bash Cisco OpenVuln
Cisco Unified Contact Center Enterprise cisco-sa-20140926-bash Cisco OpenVuln
Cisco Unified Contact Center cisco-sa-20140926-bash Cisco OpenVuln
Cisco Unified Computing System Central Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco Unified Computing System (Standalone) cisco-sa-20140926-bash Cisco OpenVuln
Cisco Unified Computing System (Managed) cisco-sa-20140926-bash Cisco OpenVuln
Cisco Unified Communications Manager cisco-sa-20140926-bash Cisco OpenVuln
Cisco Unified Communications Domain Manager cisco-sa-20140926-bash Cisco OpenVuln
Cisco UCS Director cisco-sa-20140926-bash Cisco OpenVuln
Cisco TelePresence Video Communication Server (VCS) cisco-sa-20140926-bash Cisco OpenVuln
Cisco TelePresence TX9000 cisco-sa-20140926-bash Cisco OpenVuln
Cisco TelePresence TX900 cisco-sa-20140926-bash Cisco OpenVuln
Cisco TelePresence TE Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco TelePresence System Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco TelePresence Recording Server cisco-sa-20140926-bash Cisco OpenVuln
Cisco TelePresence Multipoint Switch cisco-sa-20140926-bash Cisco OpenVuln
Cisco TelePresence Manager cisco-sa-20140926-bash Cisco OpenVuln
Cisco TelePresence cisco-sa-20140926-bash Cisco OpenVuln
Cisco SocialMiner cisco-sa-20140926-bash Cisco OpenVuln
Cisco Show and Share cisco-sa-20140926-bash Cisco OpenVuln
Cisco Service Control Engine (SCE) cisco-sa-20140926-bash Cisco OpenVuln
Cisco Secure Access Control System (ACS) cisco-sa-20140926-bash Cisco OpenVuln
Cisco Prime Service Catalog cisco-sa-20140926-bash Cisco OpenVuln
Cisco Prime Security Manager (PRSM) cisco-sa-20140926-bash Cisco OpenVuln
Cisco Prime Network Control System cisco-sa-20140926-bash Cisco OpenVuln
Cisco Prime Network cisco-sa-20140926-bash Cisco OpenVuln
Cisco Prime LAN Management Solution (LMS) cisco-sa-20140926-bash Cisco OpenVuln
Cisco Prime Infrastructure cisco-sa-20140926-bash Cisco OpenVuln
Cisco Prime Collaboration cisco-sa-20140926-bash Cisco OpenVuln
Cisco Prime Access Registrar cisco-sa-20140926-bash Cisco OpenVuln
Cisco Physical Access Gateway cisco-sa-20140926-bash Cisco OpenVuln
Cisco PGW 2200 Softswitch cisco-sa-20140926-bash Cisco OpenVuln
Cisco Nexus 1000V Switch cisco-sa-20140926-bash Cisco OpenVuln
Cisco Network Analysis Module (NAM) Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco Network Admission Control Guest Server cisco-sa-20140926-bash Cisco OpenVuln
Cisco NetFlow Collection Engine cisco-sa-20140926-bash Cisco OpenVuln
Cisco NX-OS Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco NAC Appliance Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco MediaSense cisco-sa-20140926-bash Cisco OpenVuln
Cisco MXE 5600 Media Experience Engine cisco-sa-20140926-bash Cisco OpenVuln
Cisco MXE 3500 (Media Experience Engine) cisco-sa-20140926-bash Cisco OpenVuln
Cisco MDS SAN-OS Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco IronPort Encryption Appliance cisco-sa-20140926-bash Cisco OpenVuln
Cisco Intrusion Detection System (IDS) cisco-sa-20140926-bash Cisco OpenVuln
Cisco Identity Services Engine Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco IP Interoperability and Collaboration System (IPICS) cisco-sa-20140926-bash Cisco OpenVuln
Cisco IOS XE Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco IOS cisco-sa-20140926-bash Cisco OpenVuln
Cisco GSS Global Site Selector cisco-sa-20140926-bash Cisco OpenVuln
Cisco Finesse cisco-sa-20140926-bash Cisco OpenVuln
Cisco Enterprise Content Delivery System (ECDS) cisco-sa-20140926-bash Cisco OpenVuln
Cisco Emergency Responder cisco-sa-20140926-bash Cisco OpenVuln
Cisco Edge 300 Series cisco-sa-20140926-bash Cisco OpenVuln
Cisco Digital Media Player Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco Digital Media Manager Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco Business Edition 3000 Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco Application and Content Networking System (ACNS) Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco ASR 5000 Series Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco ASA CX Context-Aware Security Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco ACE 4700 Series Application Control Engine Appliances cisco-sa-20140926-bash Cisco OpenVuln
Application and Content Networking System (ACNS) Software cisco-sa-20140926-bash Cisco OpenVuln
Cisco Catalyst 9600 Series Switches cisco-sa-20140926-bash Cisco OpenVuln · software-dependent
Cisco Catalyst 9500 Series Switches cisco-sa-20140926-bash Cisco OpenVuln · software-dependent
Cisco Catalyst 9400 Series Switches cisco-sa-20140926-bash Cisco OpenVuln · software-dependent
Cisco Catalyst 9300 Series Switches cisco-sa-20140926-bash Cisco OpenVuln · software-dependent
Cisco Catalyst 9200 Series Switches cisco-sa-20140926-bash Cisco OpenVuln · software-dependent