This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:gnu:bash:3.2.48
Detail
VendorGnuFirst view 2010-01-14
ProductBashLast view2019-03-22
Version3.2.48TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:gnu:bash

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
7.22019-03-22CVE-2019-9924LocalLowNone Requ...
7.22017-01-19CVE-2016-7543LocalLowNone Requ...
102014-09-30CVE-2014-6278NetworkLowNone Requ...
102014-09-28CVE-2014-7187NetworkLowNone Requ...
102014-09-28CVE-2014-7186NetworkLowNone Requ...
Hide | Show 4 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
102014-09-27CVE-2014-6277NetworkLowNone Requ...
102014-09-24CVE-2014-7169NetworkLowNone Requ...
102014-09-24CVE-2014-6271NetworkLowNone Requ...
2.12010-01-14CVE-2010-0002LocalLowNone Requ...

CWE : Common Weakness Enumeration

%idName
44% (4)CWE-78Improper Sanitization of Special Elements used in an OS Command ('O...
33% (3)CWE-20Improper Input Validation
22% (2)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:26745USN-2363-2 -- bash vulnerability
oval:org.mitre.oval:def:26589RHSA-2014:1306: bash security update (Important)
oval:org.mitre.oval:def:26447Vulnerability affecting GNU Bash
oval:org.mitre.oval:def:26290USN-2363-1 -- bash vulnerability
oval:org.mitre.oval:def:26928ELSA-2014-3079 -- bash security update (Important)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:26712ELSA-2014-3078 -- bash security update (Critical)
oval:org.mitre.oval:def:26615ELSA-2014-3076 -- bash security update (Critical)
oval:org.mitre.oval:def:26614ELSA-2014-3077 -- bash security update (Critical)
oval:org.mitre.oval:def:26555ELSA-2014-3075 -- bash security update (Critical)
oval:org.mitre.oval:def:28062VMware product updates address critical Bash security vulnerabilities
oval:org.mitre.oval:def:28091VMware product updates address critical Bash security vulnerabilities
oval:org.mitre.oval:def:26231USN-2380-1 -- bash vulnerabilities
oval:org.mitre.oval:def:28195VMware product updates address critical Bash security vulnerabilities
oval:org.mitre.oval:def:28263ELSA-2014-3094 -- bash security update (important)
oval:org.mitre.oval:def:28237ELSA-2014-3092 -- bash security update (important)
oval:org.mitre.oval:def:27461ELSA-2014-3093 -- bash security update (important)
oval:org.mitre.oval:def:27163USN-2364-1 -- bash vulnerabilities
oval:org.mitre.oval:def:26631SUSE-SU-2014:1247-1 -- Security update for bash
oval:org.mitre.oval:def:28370VMware product updates address critical Bash security vulnerabilities
oval:org.mitre.oval:def:27981SUSE-SU-2014:1259-1 -- bash (important)
oval:org.mitre.oval:def:26764Vulnerability affecting GNU Bash
oval:org.mitre.oval:def:26665DSA-3035-1 bash - security update
oval:org.mitre.oval:def:26642DSA-3032-1 bash - security update
oval:org.mitre.oval:def:26539USN-2362-1 -- bash vulnerability
oval:org.mitre.oval:def:26521RHSA-2014:1293: bash security update (Critical)

SAINT Exploits

DescriptionLink
Bash environment variable command injection in Cisco UCS ManagerMore info here
Bash environment variable code injection over HTTPMore info here
Bash Environment Variable Handling Shell Command Injection Via CUPSMore info here
ShellShock DHCP ServerMore info here

Open Source Vulnerability Database (OSVDB)

idDescription
61790Bash on Mandriva etc/profile.d/60alias.sh LS_OPTIONS Terminal Emulator Escape...

ExploitDB Exploits

idDescription
35146PHP 5.x Shellshock Exploit (bypass disable_functions)
35115CUPS Filter Bash Environment Variable Code Injection
35081Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash
34879OpenVPN 2.2.29 - ShellShock Exploit
34860GNU bash 4.3.11 Environment Variable dhclient Exploit
Hide | Show 2 More...
idDescription
34839IPFire Cgi Web Interface Authenticated Bash Environment Variable Code Injecti...
34777GNU bash Environment Variable Command Injection (MSF)

OpenVAS Exploits

idDescription
2010-01-19Name : Mandriva Update for bash MDVSA-2010:004 (bash)
File : nvt/gb_mandriva_MDVSA_2010_004.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-A-0142GNU Bash Shell Code Execution Vulnerability
Severity : Category I - VMSKEY : V0054753

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2015-07-13Linux.Trojan.ChinaZ outbound connection
RuleID : 34847 - Type : MALWARE-CNC - Revision : 2
2014-10-30Bash environment variable injection attempt
RuleID : 32366-community - Type : OS-OTHER - Revision : 2
2014-12-02Bash environment variable injection attempt
RuleID : 32366 - Type : OS-OTHER - Revision : 2
2014-10-24Bash CGI environment variable injection attempt
RuleID : 32336-community - Type : OS-OTHER - Revision : 2
2014-11-25Bash CGI environment variable injection attempt
RuleID : 32336 - Type : OS-OTHER - Revision : 2
Hide | Show 20 More...
DateDescription
2014-10-24Bash CGI environment variable injection attempt
RuleID : 32335-community - Type : OS-OTHER - Revision : 2
2014-11-25Bash CGI environment variable injection attempt
RuleID : 32335 - Type : OS-OTHER - Revision : 2
2014-10-03Bash environment variable injection attempt
RuleID : 32069-community - Type : OS-OTHER - Revision : 3
2014-11-16Bash environment variable injection attempt
RuleID : 32069 - Type : OS-OTHER - Revision : 3
2014-11-16Bash CGI nested loops word_lineno denial of service attempt
RuleID : 32049 - Type : OS-OTHER - Revision : 2
2014-11-16Bash CGI nested loops word_lineno denial of service attempt
RuleID : 32047 - Type : OS-OTHER - Revision : 2
2014-11-16Bash redir_stack here document handling denial of service attempt
RuleID : 32046 - Type : OS-OTHER - Revision : 2
2014-11-16Bash redir_stack here document handling denial of service attempt
RuleID : 32045 - Type : OS-OTHER - Revision : 2
2014-10-01Bash environment variable injection attempt
RuleID : 32043-community - Type : OS-OTHER - Revision : 3
2014-11-16Bash environment variable injection attempt
RuleID : 32043 - Type : OS-OTHER - Revision : 3
2014-10-01Bash environment variable injection attempt
RuleID : 32042-community - Type : OS-OTHER - Revision : 4
2014-11-16Bash environment variable injection attempt
RuleID : 32042 - Type : OS-OTHER - Revision : 4
2014-10-01Bash environment variable injection attempt
RuleID : 32041-community - Type : OS-OTHER - Revision : 4
2014-11-16Bash environment variable injection attempt
RuleID : 32041 - Type : OS-OTHER - Revision : 4
2014-10-01Bash environment variable injection attempt
RuleID : 32039-community - Type : OS-OTHER - Revision : 3
2014-11-16Bash environment variable injection attempt
RuleID : 32039 - Type : OS-OTHER - Revision : 3
2014-10-01Bash environment variable injection attempt
RuleID : 32038-community - Type : OS-OTHER - Revision : 3
2014-11-16Bash environment variable injection attempt
RuleID : 32038 - Type : OS-OTHER - Revision : 3
2014-09-25Malicious DHCP server bash environment variable injection attempt
RuleID : 31985-community - Type : OS-OTHER - Revision : 6
2014-11-16Malicious DHCP server bash environment variable injection attempt
RuleID : 31985 - Type : OS-OTHER - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0009.nasl - Type : ACT_GATHER_INFO
2017-12-28Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL73705133.nasl - Type : ACT_GATHER_INFO
2017-12-04Name : The remote host is missing a vendor-supplied security patch.
File : check_point_gaia_sk102673.nasl - Type : ACT_GATHER_INFO
2017-09-11Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2017-251-01.nasl - Type : ACT_GATHER_INFO
2017-09-08Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1163.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2017-09-08Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1164.nasl - Type : ACT_GATHER_INFO
2017-09-01Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2017-878.nasl - Type : ACT_GATHER_INFO
2017-08-25Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-1931.nasl - Type : ACT_GATHER_INFO
2017-08-22Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170801_bash_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2017-08-09Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-1931.nasl - Type : ACT_GATHER_INFO
2017-08-02Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-1931.nasl - Type : ACT_GATHER_INFO
2017-05-18Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3294-1.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2017-1031.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2017-1032.nasl - Type : ACT_GATHER_INFO
2017-04-06Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170321_bash_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2017-03-30Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-0725.nasl - Type : ACT_GATHER_INFO
2017-03-30Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2017-0050.nasl - Type : ACT_GATHER_INFO
2017-03-27Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-0725.nasl - Type : ACT_GATHER_INFO
2017-03-22Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0725.nasl - Type : ACT_GATHER_INFO
2017-01-30Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0302-1.nasl - Type : ACT_GATHER_INFO
2017-01-03Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201701-02.nasl - Type : ACT_GATHER_INFO
2016-12-05Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1374.nasl - Type : ACT_GATHER_INFO
2016-11-23Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2872-1.nasl - Type : ACT_GATHER_INFO
2016-11-15Name : The remote Fedora host is missing a security update.
File : fedora_2016-2c4b5ad64e.nasl - Type : ACT_GATHER_INFO
2016-11-04Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1260.nasl - Type : ACT_GATHER_INFO