Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

DHCP:SERVER:GNU-BASH-CMD-EXE

Severity

Critical

Recommended

No

Recommended Action

Drop

Category

DHCP

Keywords

GNU Bash Environment Variable Handling Command Execution DHCP Vector

Release Date

2014/09/30

Update Number

2424

Supported Platforms

idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

DHCP: GNU Bash Environment Variable Handling Command Execution DHCP Vector


This signature detects attempts to exploit a known vulnerability against GNU Bash. The vulnerability is due to a failure in handling environment variables. A remote attacker can exploit this vulnerability by interacting with an application that uses Bash environment variables whose content is determined by input read from the network such as a DHCP client. If an attacker can control the value of an environment variable, then command execution can be achieved in the context of the application using the environment variable.

Extended Description

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

Affected Products

  • Gnu bash 1.14.0
  • Gnu bash 1.14.1
  • Gnu bash 1.14.2
  • Gnu bash 1.14.3
  • Gnu bash 1.14.4
  • Gnu bash 1.14.5
  • Gnu bash 1.14.6
  • Gnu bash 1.14.7
  • Gnu bash 2.0
  • Gnu bash 2.01
  • Gnu bash 2.01.1
  • Gnu bash 2.02
  • Gnu bash 2.02.1
  • Gnu bash 2.03
  • Gnu bash 2.04
  • Gnu bash 2.05
  • Gnu bash 3.0
  • Gnu bash 3.0.16
  • Gnu bash 3.1
  • Gnu bash 3.2
  • Gnu bash 3.2.48
  • Gnu bash 4.0
  • Gnu bash 4.1
  • Gnu bash 4.2
  • Gnu bash 4.3

References

  • BugTraq: 70103
  • CVE: CVE-2014-6271
  • CVE: CVE-2014-7169

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out