CVE-2014-7169

Published: 25/09/2014 Updated: 30/11/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

GNU Bash up to and including 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote malicious users to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

Vulnerable Product

gnu bash 1.14.0

gnu bash 1.14.1

gnu bash 1.14.2

gnu bash 1.14.3

gnu bash 1.14.4

gnu bash 1.14.5

gnu bash 1.14.6

gnu bash 1.14.7

gnu bash 2.0

gnu bash 2.01

gnu bash 2.01.1

gnu bash 2.02

gnu bash 2.02.1

gnu bash 2.03

gnu bash 2.04

gnu bash 2.05

gnu bash 3.0

gnu bash 3.0.16

gnu bash 3.1

gnu bash 3.2

gnu bash 3.2.48

gnu bash 4.0

gnu bash 4.1

gnu bash 4.2

gnu bash 4.3

Vendor Advisories

Bash allowed bypassing environment restrictions in certain environments ...
Debian Bug report logs - #762760 bash: CVE-2014-7169: Incomplete fix for CVE-2014-6271. Package: bash; Maintainer for bash is Matthias Klose <doko@debian.org>; Source for bash is src:bash (PTS, buildd, popcon). Reported by: "brian m carlson" <sandals@crustytoothpaste.net>. Date: Wed, 24 Sep 2014 23:45:02 UTC. Severity: ...
Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into another environment (CVE-2014-7169). With this update prefix and suffix for environment variable names which contain shell functions are added as h ...
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote ...
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi an ...
ESX 4.1 without patch ESX410-201410401-SG; vCenter Server Appliance prior to 5.5 U2a ...
A potential security vulnerability has been identified with HP DreamColor Z27x Professional Display running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Note: Only the HP DreamColor Z27x model is vulnerable ...
Blue Coat products using GNU Bash are vulnerable to command injection flaws. A remote attacker may exploit the flaws to execute arbitrary code with elevated privileges or cause a denial of service ...

Exploits

#!/usr/bin/python # Exploit Title: ShellShock dhclient Bash Environment Variable Command Injection PoC # Date: 2014-09-29 # Author: @fdiskyou # e-mail: rui at deniableorg # Version: 41 # Tested on: Debian, Ubuntu, Kali # CVE: CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187 from scapyall import * confcheckIPaddr = Fal ...
<?php /* Title: Bash Specially-crafted Environment Variables Code Injection Vulnerability CVE: 2014-6271 Vendor Homepage: wwwgnuorg/software/bash/ Author: Prakhar Prasad && Subho Halder Author Homepage: prakharprasadcom && appknoxcom Date: September 25th 2014 Tested on: Mac OS X 1094/1095 with Apac ...
# Exploit Title: QNAP admin shell via Bash Environment Variable Code Injection # Date: 7 February 2015 # Exploit Author: Patrick Pellegrino | 0x700x700x650x6c0x6c0x650x670x720x690x6e0x6f@securegroupit [work] / 0x640x330x760x620x700x70@gmailcom [other] # Employer homepage: wwwsecuregroupit # Vendor homepage: wwwqnapcom # Version: ...
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit4 < Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, 'Name' => 'CUPS Fi ...
## # This module requires Metasploit: http//metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit4 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Ftp include Msf::Exploit::CmdStager def initialize(info = {}) super(update_info(i ...
Exploit Database Note: The following is an excerpt from: securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ Like “real” programming languages, Bash has functions, though in a somewhat limited implementation, and it is possible to put these bash functions into environment variables. Th ...
#!/usr/bin/env python # # Exploit Title : IPFire <= 215 core 82 Authenticated cgi Remote Command Injection (ShellShock) # # Exploit Author : Claudio Viviani # # Vendor Homepage : wwwipfireorg # # Software Link: downloadsipfireorg/releases/ipfire-2x/215-core82/ipfire-215i586-full-core82iso # # Date : 2014-09-29 # # Fixed v ...
#!/bin/python # Exploit Title: Shellshock SMTP Exploit # Date: 10/3/2014 # Exploit Author: fattymcwopr # Vendor Homepage: gnuorg # Software Link: ftpgnuorg/gnu/bash/ # Version: 42x < 4248 # Tested on: Debian 7 (postfix smtp server w/procmail) # CVE : 2014-6271 from socket import * import sys def usage(): print "shellshock_sm ...
# Exploit Title: ShellShock OpenVPN Exploit # Date: Fri Oct 3 15:48:08 EDT 2014 # Exploit Author: hobbily AKA @fj33r # Version: 2229 # Tested on: Debian Linux # CVE : CVE-2014-6271 #Probably should of submitted this the day I tweeted it ### serverconf port 1194 proto udp dev tun client-cert-not-required auth-user-pass-verify /etc/openvpn ...
# Exploit Title: PHP 5x Shellshock Exploit (bypass disable_functions) # Google Dork: none # Date: 10/31/2014 # Exploit Author: Ryan King (Starfall) # Vendor Homepage: phpnet # Software Link: phpnet/get/php-562tarbz2/from/a/mirror # Version: 5* (tested on 562) # Tested on: Debian 7 and CentOS 5 and 6 # CVE: CVE-2014-6271 < ...
require 'msf/core' class Metasploit3 < Msf::Auxiliary include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, 'Name' => 'bashedCgi', 'Description' => %q{ Quick & dirty module to send the BASH ex ...
# Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Code Injection # Date: 7 February 2015 # Exploit Author: Patrick Pellegrino | 0x700x700x650x6c0x6c0x650x670x720x690x6e0x6f@securegroupit [work] / 0x640x330x760x620x700x70@gmailcom [other] # Employer homepage: wwwsecuregroupit # Vendor homepage: ww ...
## # This module requires Metasploit: http//metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initialize(info = {}) super(update_info ...
# Exploit Title: Kemp Load Master - Multiple Vulnerabilities (RCE, CSRF, XSS, DoS) # Date: 01 April 2015 # Author: Roberto Suggi Liverani # Software Link: kemptechnologiescom/load-balancer/ # Version: 7116 and previous versions # Tested on: Kemp Load Master 71-16 # CVE : CVE-2014-5287/5288 Link: blogmalerischnet/2015/04/playing ...
#!/usr/bin/python # Exploit Title: dhclient shellshocker # Google Dork: n/a # Date: 10/1/14 # Exploit Author: @0x00string # Vendor Homepage: gnuorg # Software Link: ftpgnuorg/gnu/bash/bash-43targz # Version: 4311 # Tested on: Ubuntu 14041 # CVE : CVE-2014-6277,CVE-2014-6278,CVE-2014-7169,CVE-2014-7186,CVE-2014-7187 # ______ ...

Mailing Lists

A specially-crafted sniffit configuration file can be leveraged to execute code as root ...
GNU Bash version 4311 environment variable dhclient shellshocker exploit ...
This is information regarding more bash vulnerabilities and how the original bash patches are ineffective ...
DNS reverse lookups can be used as a vector of attack for the bash shellshock vulnerability ...

Nmap Scripts

http-shellshock

Attempts to exploit the "shellshock" vulnerability (CVE-2014-6271 and CVE-2014-7169) in web applications.

nmap -sV -p- --script http-shellshock <target>
nmap -sV -p- --script http-shellshock --script-args uri=/cgi-bin/bin,cmd=ls <target>

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-shellshock:
|   VULNERABLE:
|   HTTP Shellshock vulnerability
|     State: VULNERABLE (Exploitable)
|     IDs:  CVE:CVE-2014-6271
|       This web application might be affected by the vulnerability known as Shellshock. It seems the server
|       is executing commands injected via malicious HTTP headers.
|
|     Disclosure date: 2014-09-24
|     References:
|       http://www.openwall.com/lists/oss-security/2014/09/24/10
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
|       http://seclists.org/oss-sec/2014/q3/685
|_      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271

Github Repositories

Cookbook for remediating Shellshock (work in progress)

Skeleton Cookbook This cookbook is designed to test and optionally remediate the bash "shellshock" bug, more formally known as cve-2014-7169 Requirements Platform: Tested on CentOS 65 Tested on Ubuntu 1204 Cookbooks: chef_handler Attributes List attributes here Recipes cve-2014-7169::default Audits and remediates cve-2014-7169 ("Shellshock") cve-201

Unix/Linux Hot Vulnerability mass patching tool, identifies the operating system and uses a simple repository to patch, log and manage the process

======= patchme Unix/Linux Hot Vulnerability mass patching tool, identifies the operating system and uses a simple repository to patch, log and manage the process Author: Jack Bezalel ( jackbezalelcom jackbezalelnet linkedincom/in/jackbezalel ) To use patch me you need to have this directory structure in place: /patches /patches/bin - includes all sh pr

This will update bash bug

Shell-Shock-Update This will update bash bug How to check for shell shock bug Exploit 1 (CVE-2014-6271) env x='() { :;}; echo vulnerable' bash -c "echo this is a test" Even after updating it may not work Exploit 2 (CVE-2014-7169) cd /tmp; env X='() { (a)=>\' bash -c "echo date"; cat echo Exploit 3 env -i X=' () { }; echo hel

Dev & Test Security Chef Cookbook

mysecurity-cookbook Cookbook Sample security cookbook used for dev & test purposes Requirements 'ohai' cookbook Attributes Usage mysecurity-cookbook::default Add 'mysecurity-cookbook::default' to the run list The installed ohai plugin creates two automatic node attributes: node['languages']['bash']['version'] - Versio

Totalshares is a ruby gem that provides classes and a command line tool to fetch the number of shares on various social networks of a specific webpage or an entire website.

Totalshares Totalshares is a ruby gem that provides classes(Website and Webpage) to get the number of shares of a specific webpage or an entire website on various social networks ####install > gem install totalshares Webpage 210 :001 > require 'totalshares' => true 210 :002 > webpage = Totalshares::Webpagenew "wwwthegee

bash-cve-2014-7169-cookbook Ensures bash 'shellshock' vulnerability is patched Based on blog post written by Julian Dunn @ Chef wwwchefio/blog/2014/09/30/detecting-repairing-shellshock-with-chef/

This is a quick custom grain that you can add to your Salt system to check your systems for vulnerability to the Shellshock bug (CVE-2014-6271 and CVE-2014-7169). To use it, place a copy of shellshock.py in /srv/salt/_grains and then run: salt '*' saltutil.sync_grains Once that has run, you should be able to tell which of your systems is vulnerable by running: salt &

This module determine the vulnerability of a bash binary to the shellshock exploits (CVE-2014-6271 or CVE-2014-7169) and then patch that where possible

This module determine the vulnerability of a bash binary to the shellshock exploits (CVE-2014-6271 or CVE-2014-7169) and then patch that where possible Supported platforms: Debian (5, 6, 7) Ubuntus (1204 LTS, 1404 LTS, 1410) RHEL/CentOS (5, 6) Usage class {'shellshock': } Facter provided facter -p shellshock not_vulnerable Author Renan Vicente (@renanvicent

Detailed description and usage, see: weibocom/1363173330/BoKSHl0YE CVE-2014-6271 CVE-2014-7169 remote code execution through bash twittercom/taviso/status/514887394294652929 The official patch is unreliable; this one fixes the bypass issue. Successfully patched bash version 4.2

bash vulnerability script for openvz - quick fix for most popular OS containers

bash-vulnerability Shellshock (CVE-2014-6271, CVE-2014-7169) bash vulnerability script for openvz - quick fix for most popular OS containers Shellshock (CVE-2014-6271, CVE-2014-7169) created by wwwVPSnetlt With this script you can easily fix the bash vulnerability (CVE-2014-6271, CVE-2014-7169) for all openvz containers. You can change sources to those which you need and improve sc

Some scripts

scripts Scripts for common lifeWelcome to contribute script and chat in gitter script_testpy - use for travis CI pipeline Code Some scripts help for CodingAuthor info generator,etc shellscript_help_gensh - generate shell script help info part code git_pushsh - push code $1 is commit context Linux Some scripts use for systemSystem checker,etc shellshock_che

Shellshock-Bash-Remote-Code-Execution-Vulnerability-and-Exploitation Before moving into the shellshock vulnerability, everyone should know about the bash environment. So let's move on to bash. When your computer boots up, the kernel will identify each and every hardware component which is enabled. Each and every computer which uses a UNIX kernel will have this shell

Apple Mac OS X bash-92 updated to 3.2.54 (shellshock patched)

This repository is deprecated since Apple released an official hotfix, referred to as the OS X bash Update 1.0, which updates bash to 3.2.53 (although not 3.2.54, aka Florian's patch). That update does seem to apply portions of Florian's patch. The updated bash-92.1.2 code is also available from Apple, and I've created a branch containing that source code Ap

Wrapper for /bin/bash that mitigates 'shellshock'

bash-shellshock wrapper This is a small wrapper around /bin/bash that refuses to start bash if any environment variables start with '(' It can also be run in a log-only mode and a mode that strips these 'bad' environment variables You can install this as a temporary workaround if you don't fully trust the latest patches for CVE-2014-6271 and CVE-2014

Patch bash #shellshock with ansible

patch-bash-shellshock Patch bash #shellshock with ansible Supported distributions Debian Ubuntu Usage : pip install ansible ansible-playbook -i your_inventory_file patch-bash-CVE-2014-7169yml # or ansible-playbook -i "192168010," patch-bash-CVE-2014-7169yml your_inventory_file just need to contain your server list : 192168010 webserver1examplecom webserve

Shellshock exploit + vulnerable environment

Shellshock exploit + vulnerable environment Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell, the first of which was disclosed on 24 September 2014 Many Internet-facing services, such as some web server deployments, use Bash to process certain requests, allowing an attacker to cause vulnerable versions of Bash to execute arbi

Dokku Alternative Unmaintained, Migrate to Dokku as soon as possible Docker powered mini-Heroku The smallest PaaS implementation you've ever seen It's a fork of the original dokku The idea behind this fork is to provide complete solution with plugins covering most use-cases which are stable and well tested Features Debian-based installation and upgrade! Git de

Docker image to exploit RCE, try for pentest methods and test container security solutions (trivy, falco and etc.)

Shellshock exploit + vulnerable environment Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell, the first of which was disclosed on 24 September 2014 Many Internet-facing services, such as some web server deployments, use Bash to process certain requests, allowing an attacker to cause vulnerable versions of Bash to execute arbi

Linux pentest tools

linux-pentest Linux pentest tools linuxprivcheckerpy This script is intended to be executed locally on a Linux box to enumerate basic system info and search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text passwords and applicable exploits portknocksh Port knock script using nmap Requests multiple ports as variables Knocks

w-test #!/bin/bash warn() { if [ "$scary" == "1" ]; then echo -e "\033[91mVulnerable to $1\033[39m" else echo -e "\033[93mFound non-exploitable $1\033[39m" fi } good() { echo -e "\033[92mNot vulnerable to $1\033[39m" } [ -n "$1" ] && bash=$(which $1) || bash=$(which bash) echo -e "\033[95mTesting $

Automated mass-patching for shellshocker bash vulnerabilities

ShockTrooper What is this? A quickly thrown together script -- based on information from Shellshockernet -- to ssh into, detect, and patch shellshock vulnerabilities across a number of remote servers, with the built in package manager on each given server Currently supported: Debian/Ubuntu using apt-get Redhat/CentOS using yum Arch using pacman (theoretical support, not yet

The tool injects a malicious user agent that allows exploring the Shellshock vulnerability by running server-side commands.

Xpl-SHELLSHOCK-Ch3ck The tool injects a malicious user agent that allows exploring the Shellshock vulnerability by running server-side commands # SCRIPT by: [ I N U R L - B R A S I L ] - [ By GoogleINURL ] # EXPLOIT NAME: Xpl SHELLSHOCK Ch3ck Tool - (MASS)/ INURL BRASIL # AUTOR: Cleiton Pinheiro / Nick: googleINURL # Email: inurlbr@gmailcom

test script for shellshocker and related vulnerabilities

bashcheck Test script for Shellshock and related vulnerabilities background The Bash vulnerability that is now known as Shellshock had an incomplete fix at first There are currently 6 public vulnerabilities shellshock and heartbleed I wrote down some general thoughts about recent events and security in free software: bloghboeckde/archives/857-How-to-stop-Bleeding-H

Contains compiled bash & sh binaries that have been patched against the CVEs associated with 'shellshock' vulnerabilities.

Shellshock fix for OS X This repository contains precompiled bash 3257 & sh binaries which are patched against the following CVEs associated with the 'shellshock' vulnerabilities listed below It also contains a script ('compileAndReplaceBash-3257sh') that can be used by running /compileAndReplaceBash-3257sh from the command line bash32-052

Collection of Proof of Concepts and Potential Targets for #ShellShocker

Shellshocker - Repository of "Shellshock" Proof of Concept Code Collection of Proof of Concepts and Potential Targets for #ShellShocker Wikipedia Link: enwikipediaorg/wiki/Shellshock_%28software_bug%29#CVE-2014-7186_and_CVE-2014-7187_Details Please submit a pull request if you have more links or other resources Speculation:(Non-confirmed possibly vulnerable)

Write-ups / walkthroughs of 'boot to root' Capture The Flag (CTF) challenges

Boot to root CTFs Walkthroughs and notes of 'boot to root' CTFs mostly from VulnHub that I did for fun I like to use vulnerable VMs from VulnHub (in addition to the ones I create) to organize hands-on penetration testing training sessions for junior security auditors/consultants :-) Classic pentest methodology to do a Boot2root CTF Step 1 - Scanning and enumeratio

Recent Articles

Researcher Takes Wraps off Two Undisclosed Shellshock Vulnerabilities in Bash
Threatpost • Michael Mimoso • 03 Oct 2014

The Bash bug has kept Linux and UNIX administrators busy deploying a half-dozen patches, worrying about numerous Shellshock exploits in the wild, and laboring over a general uncertainty that the next supposed fix will break even more stuff.
Researcher Michal Zalewski, a longtime bug-hunter, has been front and center on some of the Bash research and last week said he had found two additional bugs in the Bourne Again Shell, details of which he’d kept to himself until yesterday.
Za...

VMware Begins to Patch Bash Issues Across Product Line
Threatpost • Chris Brook • 01 Oct 2014

Much like Heartbleed triggered vendors to issue out of band patches to remedy vulnerabilities that popped up earlier this year, Shellshock, the Bash vulnerability, has forced vendors’ hands in a similar fashion.
Virtualization firm VMware issued a progress report on fixes for four different types of products as they relate to the bug on Monday.
For the most part the company still has its hands full.
According to yesterday’s security advisory, it’s currently in the middle ...

Oracle SHELLSHOCKER - data titan lists unpatchables
The Register • Neil McAllister in San Francisco • 27 Sep 2014

Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln

Oracle has confirmed that at least 32 of its products are affected by the vulnerability recently discovered in the Bash command-line interpreter – aka the "Shellshock" bug – including some of the company's pricey integrated hardware systems.
The database giant issued a security alert regarding the issue on Friday, warning that many Oracle customers will have to wait awhile longer to receive patches.
"Oracle is still investigating this issue and will provide fixes for affected pro...

Stunned by Shellshock Bash bug? Patch all you can – or be punished
The Register • John Leyden • 26 Sep 2014

UK data watchdog rolls up its sleeves, polishes truncheon

Updated The UK's privacy watchdog is urging organisations to protect their systems against the infamous Shellshock vulnerability in Bash – even though the full scope of the security bug remains unclear.
The Shellshock flaw affects Bash up to and including version 4.3. It's a vital component of many Linux and Unix systems, as well as networking kit and embedded devices. It's also present in the latest versions of Apple's OS X for Macs.
The flaw allows hackers to execute arbitrary co...

Hackers thrash Bash Shellshock bug: World races to cover hole
The Register • John Leyden • 25 Sep 2014

Update your gear now to avoid early attacks hitting the web

Sysadmins and users have been urged to patch the severe Shellshock vulnerability in Bash on Linux and Unix systems – as hackers ruthlessly exploit the flaw to compromise or crash computers.
But as "millions" of servers, PCs and devices lay vulnerable or are being updated, it's emerged the fix is incomplete.
The flaw affects the GNU Bourne Again Shell – better known as Bash – which is a widely installed command interpreter used by many Linux and Unix operating systems – includ...

Bash Exploit Reported, First Round of Patches Incomplete
Threatpost • Michael Mimoso • 25 Sep 2014

The urgency to patch systems against the Bash zero-day vulnerability has been cranked to 10 after reports of an exploit in the wild have been made public by AusCERT, the Computer Emergency Response Team of Australia.
This seems to reflect a similar finding posted by a researcher who goes by the handle Yinette who found a malware sample that points to a bot being distributed by the exploit.
Other researchers, including David Jacoby of Kaspersky Lab, right and podcast below, and Robert...

References

CWE-78