CVE-2014-6278 CVE-2014-6277 - bash: code execution via specially crafted environment variables

root's picture

There is a new bash vulnerability for which there are no technical details so I presume it is scarier than the one mentioned few days ago. Fortunately there is already a patch.

IBM linux toolbox released bash 4.2.3.
Download link for AIX 6.1 and above: ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/bash/bash-4.2-3.aix6.1.ppc.rpm
Optional documentation download: ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/bash/bash-doc-4.2-2.aix6.1.ppc.rpm

Perzl.org bash 4.3.9: http://www.perzl.org/aix/index.php?n=Main.Bash

More details on redhat website: https://access.redhat.com/security/cve/CVE-2014-6278

Thou shalt not steal!

If you want to use this information on your own website, please remember: by doing copy/paste entirely it is always stealing and you should be ashamed of yourself! Have at least the decency to create your own text and comments and run the commands on your own servers and provide your output, not what I did!

Or at least link back to this website.

Recent content