CVE-2014-7169


Severity : High
Published : 2014-09-24
Modified : 2015-05-11
Base Score : 10.0
Details : GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
Product/Version : Pro 5.0  
CGE 5.x  
Mobilinux 5.x  
Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
Pro 3.x  
CGE 5.x  
CEE 3.x  
Pro 5.0  
CGE 5.x  
Mobilinux 5.x  
Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
Pro 3.x  
CGE 5.x  
CEE 3.x  
Carrier Grade CGE 7.0  
Carrier Grade CGE 7.0  
Carrier Grade CGE 6.0  
Carrier Grade CGE 6.0  
 
 
 

CVE Vulnerabilities List CVE-2014

CVE-2014-0015 CVE-2014-0076 CVE-2014-0092 CVE-2014-0138
CVE-2014-0191 CVE-2014-0195 CVE-2014-0198 CVE-2014-0203
CVE-2014-0221 CVE-2014-0224 CVE-2014-0475 CVE-2014-1444
CVE-2014-1445 CVE-2014-1446 CVE-2014-1737 CVE-2014-1738
CVE-2014-1874 CVE-2014-2532 CVE-2014-3466 CVE-2014-3467
CVE-2014-3468 CVE-2014-3469 CVE-2014-3470 CVE-2014-3505
CVE-2014-3506 CVE-2014-3508 CVE-2014-3510 CVE-2014-3537
CVE-2014-3565 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568
CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572
CVE-2014-4043 CVE-2014-4699 CVE-2014-4877 CVE-2014-5119
CVE-2014-6040 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278
CVE-2014-7169 CVE-2014-7185 CVE-2014-7186 CVE-2014-7187
CVE-2014-7817 CVE-2014-8121 CVE-2014-8176 CVE-2014-8275
CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9297
CVE-2014-9298 CVE-2014-9447 CVE-2014-9529