Shellshock: Bash executes commands embedded in environment variables — trivially exploitable via CGI, DHCP clients, SSH ForceCommand, and many other vectors. Patch Bash immediately across all Unix/Linux systems. Assume compromise if internet-exposed.
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment. Shellshock.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →