Back to search
CVE-2014-7187
Published: Sep 28, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685749
x_refsource_CONFIRM
HPSBMU03165
vendor-advisory
x_refsource_HP
HPSBST03131
vendor-advisory
x_refsource_HP
SSRT101819
vendor-advisory
x_refsource_HP
20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities
mailing-list
x_refsource_BUGTRAQ
HPSBMU03245
vendor-advisory
x_refsource_HP
openSUSE-SU-2014:1229
vendor-advisory
x_refsource_SUSE
http://www-01.ibm.com/support/docview.wss?uid=swg21686084
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686479
x_refsource_CONFIRM
61188
third-party-advisory
x_refsource_SECUNIA
JVN#55667175
third-party-advisory
x_refsource_JVN
openSUSE-SU-2014:1254
vendor-advisory
x_refsource_SUSE
60433
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20140925 Fwd: Non-upstream patches for bash
mailing-list
x_refsource_MLIST
HPSBMU03143
vendor-advisory
x_refsource_HP
HPSBMU03182
vendor-advisory
x_refsource_HP
HPSBST03155
vendor-advisory
x_refsource_HP
http://support.novell.com/security/cve/CVE-2014-7187.html
x_refsource_CONFIRM
61636
third-party-advisory
x_refsource_SECUNIA
61816
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2014:1310
vendor-advisory
x_refsource_SUSE
61442
third-party-advisory
x_refsource_SECUNIA
HPSBMU03246
vendor-advisory
x_refsource_HP
61283
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2015-09-30-3
vendor-advisory
x_refsource_APPLE
https://kc.mcafee.com/corporate/index?page=content&id=SB10085
x_refsource_CONFIRM
openSUSE-SU-2014:1308
vendor-advisory
x_refsource_SUSE
61654
third-party-advisory
x_refsource_SECUNIA
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315
x_refsource_CONFIRM
62312
third-party-advisory
x_refsource_SECUNIA
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html
x_refsource_CONFIRM
HPSBMU03217
vendor-advisory
x_refsource_HP
RHSA-2014:1312
vendor-advisory
x_refsource_REDHAT
http://www-01.ibm.com/support/docview.wss?uid=swg21685604
x_refsource_CONFIRM
SSRT101868
vendor-advisory
x_refsource_HP
61703
third-party-advisory
x_refsource_SECUNIA
USN-2364-1
vendor-advisory
x_refsource_UBUNTU
61065
third-party-advisory
x_refsource_SECUNIA
HPSBST03129
vendor-advisory
x_refsource_HP
HPSBMU03144
vendor-advisory
x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21686445
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686131
x_refsource_CONFIRM
JVNDB-2014-000126
third-party-advisory
x_refsource_JVNDB
SSRT101827
vendor-advisory
x_refsource_HP
61641
third-party-advisory
x_refsource_SECUNIA
SUSE-SU-2014:1247
vendor-advisory
x_refsource_SUSE
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685914
x_refsource_CONFIRM
20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities
mailing-list
x_refsource_FULLDISC
MDVSA-2015:164
vendor-advisory
x_refsource_MANDRIVA
https://support.apple.com/HT205267
x_refsource_CONFIRM
HPSBMU03220
vendor-advisory
x_refsource_HP
60024
third-party-advisory
x_refsource_SECUNIA
61622
third-party-advisory
x_refsource_SECUNIA
20140926 GNU Bash Environment Variable Command Injection Vulnerability
vendor-advisory
x_refsource_CISCO
[oss-security] 20140928 Re: CVE-2014-6271: remote code execution through bash
mailing-list
x_refsource_MLIST
62343
third-party-advisory
x_refsource_SECUNIA
61565
third-party-advisory
x_refsource_SECUNIA
https://www.suse.com/support/shellshock/
x_refsource_CONFIRM
http://support.apple.com/HT204244
x_refsource_CONFIRM
HPSBST03157
vendor-advisory
x_refsource_HP
61313
third-party-advisory
x_refsource_SECUNIA
SSRT101830
vendor-advisory
x_refsource_HP
SSRT101742
vendor-advisory
x_refsource_HP
61873
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20140926 Re: Fwd: Non-upstream patches for bash
mailing-list
x_refsource_MLIST
61485
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2014:1242
vendor-advisory
x_refsource_SUSE
61618
third-party-advisory
x_refsource_SECUNIA
HPSBST03154
vendor-advisory
x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272
x_refsource_CONFIRM
HPSBGN03142
vendor-advisory
x_refsource_HP
61312
third-party-advisory
x_refsource_SECUNIA
60193
third-party-advisory
x_refsource_SECUNIA
http://www.vmware.com/security/advisories/VMSA-2014-0010.html
x_refsource_CONFIRM
61479
third-party-advisory
x_refsource_SECUNIA
60063
third-party-advisory
x_refsource_SECUNIA
60034
third-party-advisory
x_refsource_SECUNIA
59907
third-party-advisory
x_refsource_SECUNIA
58200
third-party-advisory
x_refsource_SECUNIA
HPSBST03181
vendor-advisory
x_refsource_HP
61643
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/support/kb/doc.php?id=7015721
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21687079
x_refsource_CONFIRM
61503
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21686246
x_refsource_CONFIRM
RHSA-2014:1354
vendor-advisory
x_refsource_REDHAT
HPSBMU03236
vendor-advisory
x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915
x_refsource_CONFIRM
http://www.qnap.com/i/en/support/con_show.php?cid=61
x_refsource_CONFIRM
HPSBST03148
vendor-advisory
x_refsource_HP
61552
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279
x_refsource_CONFIRM
https://support.citrix.com/article/CTX200223
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686447
x_refsource_CONFIRM
HPSBGN03138
vendor-advisory
x_refsource_HP
61855
third-party-advisory
x_refsource_SECUNIA
60044
third-party-advisory
x_refsource_SECUNIA
61291
third-party-advisory
x_refsource_SECUNIA
HPSBHF03125
vendor-advisory
x_refsource_HP
61287
third-party-advisory
x_refsource_SECUNIA
HPSBGN03233
vendor-advisory
x_refsource_HP
SSRT101739
vendor-advisory
x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361
x_refsource_CONFIRM
APPLE-SA-2015-01-27-4
vendor-advisory
x_refsource_APPLE
HPSBGN03141
vendor-advisory
x_refsource_HP
RHSA-2014:1311
vendor-advisory
x_refsource_REDHAT
61128
third-party-advisory
x_refsource_SECUNIA
https://support.citrix.com/article/CTX200217
x_refsource_CONFIRM
60055
third-party-advisory
x_refsource_SECUNIA
61550
third-party-advisory
x_refsource_SECUNIA
61633
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21686494
x_refsource_CONFIRM
https://kb.bluecoat.com/index?page=content&id=SA82
x_refsource_CONFIRM
SUSE-SU-2014:1259
vendor-advisory
x_refsource_SUSE
61328
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21685733
x_refsource_CONFIRM
61129
third-party-advisory
x_refsource_SECUNIA
61603
third-party-advisory
x_refsource_SECUNIA
61857
third-party-advisory
x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now