Statements (67)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:CEO
|
| gptkbp:bfsLayer |
4
|
| gptkbp:bfsParent |
gptkb:Shell_Shock
|
| gptkbp:availability |
gptkb:None
Publicly available. |
| gptkbp:base |
10.0
|
| gptkbp:code |
Available
|
| gptkbp:communication |
gptkb:None
|
| gptkbp:coordinates |
gptkb:television_channel
|
| gptkbp:data_privacy |
gptkb:High
|
| gptkbp:defense_mechanism |
HTTP request manipulation.
|
| gptkbp:difficulty |
gptkb:Low
Critical |
| gptkbp:discovered_by |
Public disclosure
|
| gptkbp:distributor |
gptkb:CEO
|
| gptkbp:economic_impact |
Severe.
|
| gptkbp:enemy |
gptkb:television_channel
|
| gptkbp:final_score |
10.0
|
| gptkbp:first_published |
2019-10-03
|
| gptkbp:game_components |
Bash shell.
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2014-6271
|
| gptkbp:impact |
gptkb:High
Remote code execution Allows attackers to execute arbitrary commands. Critical impact on security. |
| gptkbp:interacts_with |
gptkb:None
|
| gptkbp:is_affected_by |
Various web servers and applications.
|
| gptkbp:is_described_as |
A vulnerability in the Bash shell that allows remote attackers to execute arbitrary code via crafted environment variables.
|
| gptkbp:is_protected_by |
Update Bash to the latest version.
|
| gptkbp:is_referenced_in |
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2014-6271
https://nvd.nist.gov/vuln/detail/ CVE-2014-6271 https://www.securityfocus.com/bid/69812 https://www.us-cert.cisa.gov/ncas/alerts/2014/ S A14-268 A |
| gptkbp:is_vulnerable_to |
gptkb:Shellshock
3.9 Injection High. Critical. Publicly disclosed. Allows arbitrary code execution. Allows remote attackers to execute arbitrary code. Exploitable remotely Patched. Remote code execution vulnerability. Remote code execution. |
| gptkbp:latest_version |
Bash versions prior to 4.3
|
| gptkbp:notable_album |
2014-09-24
|
| gptkbp:objective |
Unchanged
|
| gptkbp:platform |
Linux, mac OS.
|
| gptkbp:published_year |
2014-09-24
|
| gptkbp:reports_to |
gptkb:US-CERT
|
| gptkbp:restoration |
Update to the latest version of Bash.
|
| gptkbp:role |
gptkb:None
|
| gptkbp:security_features |
gptkb:High
High. Available. Exploited through crafted HTTP requests. Multiple security advisories issued. https://www.cisa.gov/uscert/ncas/alerts/2014/ S A14-268 A |
| gptkbp:status |
Resolved
|
| gptkbp:supports |
gptkb:operating_system
Unix-like operating systems |
| gptkbp:sustainability_initiatives |
Apply patches and updates.
|
| gptkbp:threats |
gptkb:Low
|
| gptkbp:type |
Code execution vulnerability
|
| gptkbp:updates |
gptkb:battle
|
| gptkbp:year_created |
2014-09-24
|