{"id":27293,"date":"2014-09-26T14:29:38","date_gmt":"2014-09-26T14:29:38","guid":{"rendered":"https:\/\/udsenterprise.com\/major-vulnerability-found-bash\/"},"modified":"2023-09-21T13:10:34","modified_gmt":"2023-09-21T13:10:34","slug":"major-vulnerability-found-bash","status":"publish","type":"post","link":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/","title":{"rendered":"Major vulnerability found in bash"},"content":{"rendered":"<p>The problem lies in the fact that, as all interpreted languages, bash allows functions which are not properly validated when they are storaged in a variable.<\/p>\n<p>You can find more information about this problem here: <\/p>\n<p><a href=\"https:\/\/securityblog.redhat.com\/2014\/09\/24\/bash-specially-crafted-environment-variables-code-injection-attack\/\" target=\"_blank\" rel=\"nofollow\">Bash specially-crafted environment variables code injection attack<\/a> <\/p>\n","protected":false},"excerpt":{"rendered":"<p>A major vulnerability has been discovered that targets bash, the Unix system (including OSX) and Linux commands interpreter. Apparently, this security flaw is also affecting other interpreters, such as ksh, tcsh, zsh and csh. Nevertheless, other shells aren&#8217;t being affected. <\/p>\n<p>UDS Enterprise servers aren&#8217;t vulnerable to this fail, so the security of the virrual machines which provide UDS Enterprise remains unaltered. <\/p>\n<p>This vulnerability has been registed as <a href=\"https:\/\/access.redhat.com\/security\/cve\/CVE-2014-6271\">CVE-2014-6271<\/a> and it allows to execute certain commands due to the wrong process of the environment variables. Besides, it may be exploited remotely.<\/p>\n","protected":false},"author":2,"featured_media":15777,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[985,1023,1035,926],"tags":[986,1024,1036,928],"class_list":["post-27293","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hot-news","category-linux-en","category-red-hat-en","category-security","tag-hot-news","tag-linux-en","tag-red-hat-en","tag-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.1 (Yoast SEO v27.1.1) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Major vulnerability found in bash<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Major vulnerability found in bash\" \/>\n<meta property=\"og:description\" content=\"A major vulnerability has been discovered that targets bash, the Unix system (including OSX) and Linux commands interpreter. Apparently, this security flaw is also affecting other interpreters, such as ksh, tcsh, zsh and csh. Nevertheless, other shells aren&#039;t being affected. UDS Enterprise servers aren&#039;t vulnerable to this fail, so the security of the virrual machines which provide UDS Enterprise remains unaltered. This vulnerability has been registed as CVE-2014-6271 and it allows to execute certain commands due to the wrong process of the environment variables. Besides, it may be exploited remotely.\" \/>\n<meta property=\"og:site_name\" content=\"UDS Enterprise\" \/>\n<meta property=\"article:published_time\" content=\"2014-09-26T14:29:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-09-21T13:10:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/udsenterprise.com\/wp-content\/uploads\/2022\/11\/img-linea-blanca.gif\" \/>\n\t<meta property=\"og:image:width\" content=\"67\" \/>\n\t<meta property=\"og:image:height\" content=\"4\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/gif\" \/>\n<meta name=\"author\" content=\"UDS Enterprise Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/udsenterprise.com\/wp-content\/uploads\/2022\/11\/img-linea-blanca.gif\" \/>\n<meta name=\"twitter:creator\" content=\"@VirtualCable_\" \/>\n<meta name=\"twitter:site\" content=\"@VirtualCable_\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"UDS Enterprise Team\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/\"},\"author\":{\"name\":\"UDS Enterprise Team\",\"@id\":\"https:\/\/udsenterprise.com\/en\/#\/schema\/person\/83f63ed09241332cf10f8f6e7bbdd920\"},\"headline\":\"Major vulnerability found in bash\",\"datePublished\":\"2014-09-26T14:29:38+00:00\",\"dateModified\":\"2023-09-21T13:10:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/\"},\"wordCount\":47,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/udsenterprise.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/07\/id-100249250jpg__640x480_q85_subsampling-2jpg__640x480_q85_subsampling-2.jpg\",\"keywords\":[\"Hot news\",\"Linux-en\",\"Red Hat-en\",\"Security\"],\"articleSection\":[\"Hot news\",\"Linux-en\",\"Red Hat-en\",\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#respond\"]}]},{\"@type\":[\"WebPage\",\"ItemPage\"],\"@id\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/\",\"url\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/\",\"name\":\"Major vulnerability found in bash\",\"isPartOf\":{\"@id\":\"https:\/\/udsenterprise.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/07\/id-100249250jpg__640x480_q85_subsampling-2jpg__640x480_q85_subsampling-2.jpg\",\"datePublished\":\"2014-09-26T14:29:38+00:00\",\"dateModified\":\"2023-09-21T13:10:34+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#primaryimage\",\"url\":\"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/07\/id-100249250jpg__640x480_q85_subsampling-2jpg__640x480_q85_subsampling-2.jpg\",\"contentUrl\":\"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/07\/id-100249250jpg__640x480_q85_subsampling-2jpg__640x480_q85_subsampling-2.jpg\",\"width\":800,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/udsenterprise.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hot news\",\"item\":\"https:\/\/udsenterprise.com\/en\/category\/hot-news\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Major vulnerability found in bash\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/udsenterprise.com\/en\/#website\",\"url\":\"https:\/\/udsenterprise.com\/en\/\",\"name\":\"UDS Enterprise\",\"description\":\"UDS Enterprise es una soluci\u00f3n segura y flexible para virtualizaci\u00f3n de escritorios y acceso remoto, compatible con Windows, Linux y macOS.\",\"publisher\":{\"@id\":\"https:\/\/udsenterprise.com\/en\/#organization\"},\"alternateName\":\"UDS Enterprise\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/udsenterprise.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/udsenterprise.com\/en\/#organization\",\"name\":\"UDS Enterprise\",\"alternateName\":\"UDS Enterprise\",\"url\":\"https:\/\/udsenterprise.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/udsenterprise.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/05\/img-logotipo-top-00-udsenterprise.jpg\",\"contentUrl\":\"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/05\/img-logotipo-top-00-udsenterprise.jpg\",\"width\":300,\"height\":202,\"caption\":\"UDS Enterprise\"},\"image\":{\"@id\":\"https:\/\/udsenterprise.com\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/VirtualCable_\",\"https:\/\/es.linkedin.com\/company\/virtualcable\",\"https:\/\/www.youtube.com\/@UDSEnterprise\"],\"description\":\"Virtual Cable es una empresa espa\u00f1ola especializada en soluciones de virtualizaci\u00f3n del puesto de trabajo. Su producto estrella, UDS Enterprise, es un broker de conexiones multiplataforma que permite la administraci\u00f3n y despliegue de escritorios virtuales Windows y Linux, la virtualizaci\u00f3n de aplicaciones y el acceso remoto a equipos f\u00edsicos con sistemas operativos Windows, Linux y macOS\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/udsenterprise.com\/en\/#\/schema\/person\/83f63ed09241332cf10f8f6e7bbdd920\",\"name\":\"UDS Enterprise Team\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/udsenterprise.com\/en\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b415c61bc26d023da7c12ea873f9088732accd901f13dd03e6db59c6232a06a9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b415c61bc26d023da7c12ea873f9088732accd901f13dd03e6db59c6232a06a9?s=96&d=mm&r=g\",\"caption\":\"UDS Enterprise Team\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Major vulnerability found in bash","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/","og_locale":"en_US","og_type":"article","og_title":"Major vulnerability found in bash","og_description":"A major vulnerability has been discovered that targets bash, the Unix system (including OSX) and Linux commands interpreter. Apparently, this security flaw is also affecting other interpreters, such as ksh, tcsh, zsh and csh. Nevertheless, other shells aren't being affected. UDS Enterprise servers aren't vulnerable to this fail, so the security of the virrual machines which provide UDS Enterprise remains unaltered. This vulnerability has been registed as CVE-2014-6271 and it allows to execute certain commands due to the wrong process of the environment variables. Besides, it may be exploited remotely.","og_site_name":"UDS Enterprise","article_published_time":"2014-09-26T14:29:38+00:00","article_modified_time":"2023-09-21T13:10:34+00:00","og_image":[{"width":67,"height":4,"url":"https:\/\/udsenterprise.com\/wp-content\/uploads\/2022\/11\/img-linea-blanca.gif","type":"image\/gif"}],"author":"UDS Enterprise Team","twitter_card":"summary_large_image","twitter_image":"https:\/\/udsenterprise.com\/wp-content\/uploads\/2022\/11\/img-linea-blanca.gif","twitter_creator":"@VirtualCable_","twitter_site":"@VirtualCable_","twitter_misc":{"Written by":"UDS Enterprise Team"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#article","isPartOf":{"@id":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/"},"author":{"name":"UDS Enterprise Team","@id":"https:\/\/udsenterprise.com\/en\/#\/schema\/person\/83f63ed09241332cf10f8f6e7bbdd920"},"headline":"Major vulnerability found in bash","datePublished":"2014-09-26T14:29:38+00:00","dateModified":"2023-09-21T13:10:34+00:00","mainEntityOfPage":{"@id":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/"},"wordCount":47,"commentCount":0,"publisher":{"@id":"https:\/\/udsenterprise.com\/en\/#organization"},"image":{"@id":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#primaryimage"},"thumbnailUrl":"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/07\/id-100249250jpg__640x480_q85_subsampling-2jpg__640x480_q85_subsampling-2.jpg","keywords":["Hot news","Linux-en","Red Hat-en","Security"],"articleSection":["Hot news","Linux-en","Red Hat-en","Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#respond"]}]},{"@type":["WebPage","ItemPage"],"@id":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/","url":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/","name":"Major vulnerability found in bash","isPartOf":{"@id":"https:\/\/udsenterprise.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#primaryimage"},"image":{"@id":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#primaryimage"},"thumbnailUrl":"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/07\/id-100249250jpg__640x480_q85_subsampling-2jpg__640x480_q85_subsampling-2.jpg","datePublished":"2014-09-26T14:29:38+00:00","dateModified":"2023-09-21T13:10:34+00:00","breadcrumb":{"@id":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#primaryimage","url":"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/07\/id-100249250jpg__640x480_q85_subsampling-2jpg__640x480_q85_subsampling-2.jpg","contentUrl":"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/07\/id-100249250jpg__640x480_q85_subsampling-2jpg__640x480_q85_subsampling-2.jpg","width":800,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/udsenterprise.com\/en\/major-vulnerability-found-bash\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/udsenterprise.com\/en\/"},{"@type":"ListItem","position":2,"name":"Hot news","item":"https:\/\/udsenterprise.com\/en\/category\/hot-news\/"},{"@type":"ListItem","position":3,"name":"Major vulnerability found in bash"}]},{"@type":"WebSite","@id":"https:\/\/udsenterprise.com\/en\/#website","url":"https:\/\/udsenterprise.com\/en\/","name":"UDS Enterprise","description":"UDS Enterprise es una soluci\u00f3n segura y flexible para virtualizaci\u00f3n de escritorios y acceso remoto, compatible con Windows, Linux y macOS.","publisher":{"@id":"https:\/\/udsenterprise.com\/en\/#organization"},"alternateName":"UDS Enterprise","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/udsenterprise.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/udsenterprise.com\/en\/#organization","name":"UDS Enterprise","alternateName":"UDS Enterprise","url":"https:\/\/udsenterprise.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/udsenterprise.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/05\/img-logotipo-top-00-udsenterprise.jpg","contentUrl":"https:\/\/udsenterprise.com\/wp-content\/uploads\/2023\/05\/img-logotipo-top-00-udsenterprise.jpg","width":300,"height":202,"caption":"UDS Enterprise"},"image":{"@id":"https:\/\/udsenterprise.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/VirtualCable_","https:\/\/es.linkedin.com\/company\/virtualcable","https:\/\/www.youtube.com\/@UDSEnterprise"],"description":"Virtual Cable es una empresa espa\u00f1ola especializada en soluciones de virtualizaci\u00f3n del puesto de trabajo. Su producto estrella, UDS Enterprise, es un broker de conexiones multiplataforma que permite la administraci\u00f3n y despliegue de escritorios virtuales Windows y Linux, la virtualizaci\u00f3n de aplicaciones y el acceso remoto a equipos f\u00edsicos con sistemas operativos Windows, Linux y macOS"},{"@type":"Person","@id":"https:\/\/udsenterprise.com\/en\/#\/schema\/person\/83f63ed09241332cf10f8f6e7bbdd920","name":"UDS Enterprise Team","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/udsenterprise.com\/en\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b415c61bc26d023da7c12ea873f9088732accd901f13dd03e6db59c6232a06a9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b415c61bc26d023da7c12ea873f9088732accd901f13dd03e6db59c6232a06a9?s=96&d=mm&r=g","caption":"UDS Enterprise Team"}}]}},"_links":{"self":[{"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/posts\/27293","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/comments?post=27293"}],"version-history":[{"count":1,"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/posts\/27293\/revisions"}],"predecessor-version":[{"id":29510,"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/posts\/27293\/revisions\/29510"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/media\/15777"}],"wp:attachment":[{"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/media?parent=27293"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/categories?post=27293"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/udsenterprise.com\/en\/wp-json\/wp\/v2\/tags?post=27293"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}