Intrusion Prevention



This indicates an attack attempt to exploit a Remote Code Execution vulnerability in Bash.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able exploit this to execute arbitrary code within the context of the application.

Affected Products



System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version available from the website.
Based on our analysis and attempts to leverage CVE-2014-7169 for remote code execution, we do not believe that it is remotely exploitable universally. However due to the nature of CVE-2014-7169 we believe the signature for CVE-2014-6271 can cover CVE-2014-7169 as well.
For CVE-2014-7186 and CVE-2014-7187, we believe the risk of it is low based on our analysis. To exploit it remotely, an attacker will probably have to leverage CVE-2014-6271 or CVE-2014-6278, both of which are covered by the signature in this report.