NVD - Detail

National Cyber Awareness System

Vulnerability Summary for CVE-2014-6271

Original release date: 09/24/2014

Last revised: 06/28/2016

Source: US-CERT/NIST

Overview

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score: 10.0 HIGH

Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend)

Impact Subscore: 10.0

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: HP

Name: HPSBHF03145

Hyperlink: http://marc.info/?l=bugtraq&m=141383465822787&w=2

External Source: BUGTRAQ

Name: 20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities

Hyperlink: http://www.securityfocus.com/archive/1/archive/1/533593/100/0/threaded

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21686246

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686246

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21687079

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21687079

External Source: MISC

Name: http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html

Hyperlink: http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html

External Source: HP

Name: HPSBMU03165

Hyperlink: http://marc.info/?l=bugtraq&m=141577137423233&w=2

External Source: HP

Name: HPSBST03148

Hyperlink: http://marc.info/?l=bugtraq&m=141694386919794&w=2

External Source: HP

Name: HPSBMU03144

Hyperlink: http://marc.info/?l=bugtraq&m=141383081521087&w=2

External Source: HP

Name: SSRT101742

Hyperlink: http://marc.info/?l=bugtraq&m=142358026505815&w=2

External Source: REDHAT

Name: RHSA-2014:1293

Hyperlink: http://rhn.redhat.com/errata/RHSA-2014-1293.html

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21686445

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686445

External Source: EXPLOIT-DB

Name: 39918

Type: Exploit

Hyperlink: https://www.exploit-db.com/exploits/39918/

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21685604

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21685604

External Source: SUSE

Name: openSUSE-SU-2014:1238

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html

External Source: CONFIRM

Name: https://kb.bluecoat.com/index?page=content&id=SA82

Hyperlink: https://kb.bluecoat.com/index?page=content&id=SA82

External Source: REDHAT

Name: RHSA-2014:1294

Hyperlink: http://rhn.redhat.com/errata/RHSA-2014-1294.html

External Source: HP

Name: HPSBST03122

Hyperlink: http://marc.info/?l=bugtraq&m=141319209015420&w=2

External Source: HP

Name: HPSBST03154

Hyperlink: http://marc.info/?l=bugtraq&m=141577297623641&w=2

External Source: HP

Name: HPSBMU03182

Hyperlink: http://marc.info/?l=bugtraq&m=141585637922673&w=2

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879

External Source: HP

Name: HPSBHF03125

Hyperlink: http://marc.info/?l=bugtraq&m=141345648114150&w=2

External Source: HP

Name: HPSBGN03141

Hyperlink: http://marc.info/?l=bugtraq&m=141383304022067&w=2

External Source: CONFIRM

Name: https://access.redhat.com/articles/1200223

Hyperlink: https://access.redhat.com/articles/1200223

External Source: DEBIAN

Name: DSA-3032

Hyperlink: http://www.debian.org/security/2014/dsa-3032

External Source: HP

Name: HPSBST03129

Hyperlink: http://marc.info/?l=bugtraq&m=141383196021590&w=2

External Source: SUSE

Name: openSUSE-SU-2014:1226

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html

External Source: HP

Name: SSRT101711

Hyperlink: http://marc.info/?l=bugtraq&m=142113462216480&w=2

External Source: CONFIRM

Name: https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html

Hyperlink: https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html

External Source: CONFIRM

Name: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts

Hyperlink: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts

External Source: CERT

Name: TA14-268A

Type: US Government Resource

Hyperlink: http://www.us-cert.gov/ncas/alerts/TA14-268A

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272

External Source: APPLE

Name: APPLE-SA-2014-10-16-1

Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html

External Source: SUSE

Name: SUSE-SU-2014:1223

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html

External Source: HP

Name: HPSBHF03119

Hyperlink: http://marc.info/?l=bugtraq&m=141216668515282&w=2

External Source: FULLDISC

Name: 20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities

Hyperlink: http://seclists.org/fulldisclosure/2014/Oct/0

External Source: CONFIRM

Name: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648

Hyperlink: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648

External Source: HP

Name: HPSBMU03133

Hyperlink: http://marc.info/?l=bugtraq&m=141330425327438&w=2

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915

External Source: REDHAT

Name: RHSA-2014:1295

Hyperlink: http://rhn.redhat.com/errata/RHSA-2014-1295.html

External Source: CONFIRM

Name: http://www.vmware.com/security/advisories/VMSA-2014-0010.html

Hyperlink: http://www.vmware.com/security/advisories/VMSA-2014-0010.html

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21686131

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686131

External Source: CISCO

Name: 20140926 GNU Bash Environmental Variable Command Injection Vulnerability

Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

External Source: CONFIRM

Name: http://www.novell.com/support/kb/doc.php?id=7015701

Hyperlink: http://www.novell.com/support/kb/doc.php?id=7015701

External Source: SUSE

Name: SUSE-SU-2014:1260

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html

External Source: CONFIRM

Name: https://www.suse.com/support/shellshock/

Hyperlink: https://www.suse.com/support/shellshock/

External Source: REDHAT

Name: RHSA-2014:1354

Hyperlink: http://rhn.redhat.com/errata/RHSA-2014-1354.html

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21685749

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21685749

External Source: HP

Name: SSRT101819

Hyperlink: http://marc.info/?l=bugtraq&m=142721162228379&w=2

External Source: SUSE

Name: SUSE-SU-2014:1287

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html

External Source: HP

Name: HPSBHF03124

Hyperlink: http://marc.info/?l=bugtraq&m=141235957116749&w=2

External Source: CONFIRM

Name: http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html

Hyperlink: http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html

External Source: HP

Name: HPSBGN03142

Hyperlink: http://marc.info/?l=bugtraq&m=141383244821813&w=2

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21686479

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686479

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898

External Source: HP

Name: HPSBHF03146

Hyperlink: http://marc.info/?l=bugtraq&m=141383353622268&w=2

External Source: CONFIRM

Name: http://support.novell.com/security/cve/CVE-2014-6271.html

Hyperlink: http://support.novell.com/security/cve/CVE-2014-6271.html

External Source: SUSE

Name: openSUSE-SU-2014:1254

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html

External Source: MISC

Name: http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html

Type: Exploit

Hyperlink: http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html

External Source: MISC

Name: http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html

Hyperlink: http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html

External Source: HP

Name: HPSBST03181

Hyperlink: http://marc.info/?l=bugtraq&m=141577241923505&w=2

External Source: MISC

Name: http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html

Hyperlink: http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html

External Source: MISC

Name: http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html

Hyperlink: http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html

External Source: CONFIRM

Name: http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315

Hyperlink: http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21686494

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686494

External Source: MANDRIVA

Name: MDVSA-2015:164

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2015:164

External Source: JVN

Name: JVN#55667175

Type: Vendor Advisory

Hyperlink: http://jvn.jp/en/jp/JVN55667175/index.html

External Source: HP

Name: HPSBMU03143

Hyperlink: http://marc.info/?l=bugtraq&m=141383026420882&w=2

External Source: HP

Name: HPSBST03157

Hyperlink: http://marc.info/?l=bugtraq&m=141450491804793&w=2

External Source: JVNDB

Name: JVNDB-2014-000126

Type: Vendor Advisory

Hyperlink: http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361

External Source: HP

Name: HPSBST03265

Hyperlink: http://marc.info/?l=bugtraq&m=142546741516006&w=2

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21685914

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21685914

External Source: HP

Name: HPSBST03155

Hyperlink: http://marc.info/?l=bugtraq&m=141576728022234&w=2

External Source: SUSE

Name: openSUSE-SU-2014:1308

Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21686447

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686447

External Source: CONFIRM

Name: https://support.citrix.com/article/CTX200223

Hyperlink: https://support.citrix.com/article/CTX200223

External Source: CONFIRM

Name: http://advisories.mageia.org/MGASA-2014-0388.html

Hyperlink: http://advisories.mageia.org/MGASA-2014-0388.html

External Source: HP

Name: SSRT101816

Hyperlink: http://marc.info/?l=bugtraq&m=142719845423222&w=2

External Source: CONFIRM

Name: https://support.citrix.com/article/CTX200217

Hyperlink: https://support.citrix.com/article/CTX200217

External Source: UBUNTU

Name: USN-2362-1

Hyperlink: http://www.ubuntu.com/usn/USN-2362-1

External Source: HP

Name: HPSBGN03138

Hyperlink: http://marc.info/?l=bugtraq&m=141330468527613&w=2

External Source: HP

Name: HPSBST03131

Hyperlink: http://marc.info/?l=bugtraq&m=141383138121313&w=2

External Source: CONFIRM

Name: https://support.apple.com/kb/HT6535

Hyperlink: https://support.apple.com/kb/HT6535

External Source: SUSE

Name: SUSE-SU-2014:1212

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html

External Source: CONFIRM

Name: http://www.novell.com/support/kb/doc.php?id=7015721

Hyperlink: http://www.novell.com/support/kb/doc.php?id=7015721

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21685541

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21685541

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279

External Source: HP

Name: SSRT101868

Hyperlink: http://marc.info/?l=bugtraq&m=142118135300698&w=2

External Source: HP

Name: HPSBMU03246

Hyperlink: http://marc.info/?l=bugtraq&m=142358078406056&w=2

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21686084

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21686084

External Source: CERT-VN

Name: VU#252743

Type: US Government Resource

Hyperlink: http://www.kb.cert.org/vuls/id/252743

External Source: SUSE

Name: SUSE-SU-2014:1213

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html

External Source: CONFIRM

Name: http://www.qnap.com/i/en/support/con_show.php?cid=61

Hyperlink: http://www.qnap.com/i/en/support/con_show.php?cid=61

External Source: CONFIRM

Name: http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0

Hyperlink: http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0

External Source: HP

Name: SSRT101827

Hyperlink: http://marc.info/?l=bugtraq&m=141879528318582&w=2

External Source: CONFIRM

Name: https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

Type: Exploit

Hyperlink: https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

External Source: SUSE

Name: openSUSE-SU-2014:1310

Hyperlink: http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html

External Source: CONFIRM

Name: https://bugzilla.redhat.com/show_bug.cgi?id=1141597

Type: Patch

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1141597

External Source: CONFIRM

Name: http://support.apple.com/kb/HT6495

Hyperlink: http://support.apple.com/kb/HT6495

External Source: HP

Name: HPSBST03195

Hyperlink: http://marc.info/?l=bugtraq&m=142805027510172&w=2

External Source: CONFIRM

Name: http://www-01.ibm.com/support/docview.wss?uid=swg21685733

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21685733

External Source: HP

Name: HPSBGN03117

Hyperlink: http://marc.info/?l=bugtraq&m=141216207813411&w=2

Vulnerable software and versions

* Denotes Vulnerable Software
Changes related to vulnerability configurations

Technical Details

Vulnerability Type (View All)

OS Command Injections (CWE-78)

CVE Standard Vulnerability Entry http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271

Change History 14 change records found - show changes

CVE Dictionary change - 3/17/2015 10:01:59 PM
Action	Type	Old Value	New Value
Added	Reference		http://marc.info/?l=bugtraq&m=142118135300698&w=2

Quality Assurance - 6/28/2016 6:44:57 AM
Action	Type	Old Value	New Value
Changed	Reference Type	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126 No Types Assigned	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126 Advisory
Changed	Reference Type	http://jvn.jp/en/jp/JVN55667175/index.html No Types Assigned	http://jvn.jp/en/jp/JVN55667175/index.html Advisory
Changed	Reference Type	http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html No Types Assigned	http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html Exploit
Changed	Reference Type	https://www.exploit-db.com/exploits/39918/ No Types Assigned	https://www.exploit-db.com/exploits/39918/ Exploit

CVE Dictionary change - 5/11/2015 10:01:44 PM
Action	Type	Old Value	New Value
Added	Reference		https://access.redhat.com/articles/1200223
Added	Reference		http://advisories.mageia.org/MGASA-2014-0388.html
Added	Reference		http://www.mandriva.com/security/advisories?name=MDVSA-2015:164

CVE Dictionary change - 11/19/2014 9:59:28 PM
Action	Type	Old Value	New Value
Added	Reference		http://marc.info/?l=bugtraq&m=141577137423233&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=141577297623641&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=141577241923505&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=141576728022234&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=141585637922673&w=2

CVE Dictionary change - 3/11/2015 10:00:04 PM
Action	Type	Old Value	New Value
Added	Reference		http://marc.info/?l=bugtraq&m=142546741516006&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=142358026505815&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=141879528318582&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=142358078406056&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=142113462216480&w=2

CVE Dictionary change - 6/20/2016 9:59:01 PM
Action	Type	Old Value	New Value
Added	Reference		http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html

CVE Dictionary change - 3/30/2015 9:59:19 PM
Action	Type	Old Value	New Value
Added	Reference		http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0

CVE Dictionary change - 4/9/2015 9:59:33 PM
Action	Type	Old Value	New Value
Added	Reference		http://marc.info/?l=bugtraq&m=142805027510172&w=2

CVE Dictionary change - 3/26/2015 9:59:29 PM
Action	Type	Old Value	New Value
Added	Reference		http://marc.info/?l=bugtraq&m=142721162228379&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=142719845423222&w=2

Translation provided - 6/17/2016 7:45:02 AM

Action

Type

Old Value

New Value

Removed

Translation

Record truncated, showing 500 of 553 characters. View Entire Change Record

GNU Bash hasta 4.3 procesa cadenas finales después de la definición de funciones en los valores de variables de entorno, lo que permite a atacantes remotos ejecutar código arbitrario a través de un entorno manipulado, tal y como se ha demostrado por vectores que involucran la característica ForceCommand en sshd OpenSSH, los módulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en la cual establecer el entorno ocurre a trav

Added

Translation

Record truncated, showing 500 of 789 characters. View Entire Change Record

GNU Bash hasta la versión 4.3 procesa cadenas finales después de las definiciones de funciones en los valores de variables de entorno, lo que permite a atacantes remotos ejecutar código arbitrario a través de un entorno manipulado, tal como se ha demostrado por vectores que involucran la característica ForceCommand en sshd OpenSSH, los módulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en las cuales el ajuste de entorno

View Entire Change Record

CVE Dictionary change - 12/2/2014 10:01:38 PM
Action	Type	Old Value	New Value
Added	Reference		http://marc.info/?l=bugtraq&m=141694386919794&w=2

CVE Dictionary change - 11/13/2014 10:07:19 PM
Action	Type	Old Value	New Value
Added	Reference		http://www-01.ibm.com/support/docview.wss?uid=swg21686447
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html
Added	Reference		http://marc.info/?l=bugtraq&m=141383465822787&w=2
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html
Added	Reference		http://rhn.redhat.com/errata/RHSA-2014-1354.html
Added	Reference		http://secunia.com/advisories/61873

CVE Dictionary change - 6/16/2016 10:00:15 PM
Action	Type	Old Value	New Value
Added	Reference		https://www.exploit-db.com/exploits/39918/

CVE Dictionary change - 12/23/2014 10:00:22 PM
Action	Type	Old Value	New Value
Added	Reference		http://secunia.com/advisories/62343
Added	Reference		http://secunia.com/advisories/62312

You are viewing this page in an unauthorized frame window.

National Cyber Awareness System

Vulnerability Summary for CVE-2014-6271

Overview

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

Vulnerable software and versions

Technical Details

Change History 14 change records found - show changes