製品・ソフトウェアに関する情報

JVN脆弱性詳細

** 削除 ** GNU bash における任意のコードを実行される脆弱性

Title	削除 GNU bash における任意のコードを実行される脆弱性
Summary	削除 JVNDBIDの年番号(2013)を誤って採番したため、正しいJVNDBIDの年番号(2014)に採番し直しました。採番後の脆弱性対策情報は下記のリンクを確認ください。 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004410.html ↓↓↓↓↓ 以下削除前の情報 ↓↓↓↓↓ GNU bash は、環境変数の値の関数定義の後で末尾の文字列を処理するため、任意のコードを実行される脆弱性が存在します。
Possible impacts	第三者により、巧妙に細工された環境を介して、任意のコードを実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Sept. 15, 2014, midnight
Registration Date	Sept. 26, 2014, 10:18 a.m.
Last Update	Sept. 26, 2014, 10:18 a.m.

CVSS2.0 : 危険
Score	10
Vector	AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected System

GNU Project

bash 4.3 まで

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2014-6271	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
National Vulnerability Database (NVD)
2	CVE-2014-6271	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-78	https://jvndb.jvn.jp/ja/cwe/CWE-78.html

ベンダー情報

No	Name	URL
GnuPG Project
1	GNU Bash	http://www.gnu.org/software/bash/
Red Hat Bugzilla
2	Bug 1141597	https://bugzilla.redhat.com/show_bug.cgi?id=1141597
Red Hat Security Blog
3	Bash specially-crafted environment variables code injection attack	https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

その他

No	Name	URL
IPA 重要なセキュリティ情報
1	bash の脆弱性対策について(CVE-2014-6271 等)	http://www.ipa.go.jp/security/ciadr/vul/20140926-bash.html
JPCERT 注意喚起
2	JPCERT-AT-2014-0037	https://www.jpcert.or.jp/at/2014/at140037.html
JVN
3	JVNVU#97219505	http://jvn.jp/vu/JVNVU97219505/index.html
US-CERT Technical Cyber Security Alert
4	TA14-268A	https://www.us-cert.gov/ncas/alerts/TA14-268A
US-CERT Vulnerability Note
5	VU#252743	http://www.kb.cert.org/vuls/id/252743

Change Log

No	Changed Details	Date of change
0	[2014年09月26日] 掲載 [2014年09月29日] 概要に記載の理由により削除扱いに変更	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2014-6271

Summary	GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
Summary	GNU Bash hasta la versión 4.3 procesa cadenas finales después de las definiciones de funciones en los valores de variables de entorno, lo que permite a atacantes remotos ejecutar código arbitrario a través de un entorno manipulado, tal como se ha demostrado por vectores que involucran la característica ForceCommand en sshd OpenSSH, los módulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en las cuales el ajuste de entorno ocurre a través de un límite privilegiado de la ejecución de Bash, también conocido como "ShellShock." NOTA: la reparación original para este problema era incorrecta; CVE-2014-7169 ha sido asignada para cubrir la vulnerabilidad que todavía está presente después de la solución incorrecta.
Publication Date	Sept. 25, 2014, 3:48 a.m.
Registration Date	Jan. 26, 2021, 3:16 p.m.
Last Update	April 23, 2026, 1:07 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:gnu:bash::::::::		4.3
cpe:2.3:o:arista:eos::::::::	4.9.0			4.9.12
cpe:2.3:o:arista:eos::::::::	4.10.0			4.10.9
cpe:2.3:o:arista:eos::::::::	4.11.0			4.11.11
cpe:2.3:o:arista:eos::::::::	4.12.0			4.12.9
cpe:2.3:o:arista:eos::::::::	4.13.0			4.13.9
cpe:2.3:o:arista:eos::::::::	4.14.0			4.14.4f
cpe:2.3:o:oracle:linux:4:::::::*
cpe:2.3:o:oracle:linux:5:-::::::
cpe:2.3:o:oracle:linux:6:-::::::
cpe:2.3:o:qnap:qts::::::::				4.1.1
cpe:2.3:o:qnap:qts:4.1.1:-::::::
cpe:2.3:o:qnap:qts:4.1.1:build_0927::::::
cpe:2.3:o:mageia:mageia:3.0:::::::*
cpe:2.3:o:mageia:mageia:4.0:::::::*
cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:::::::*
cpe:2.3:a:redhat:virtualization:3.4:::::::*
cpe:2.3:o:redhat:enterprise_linux:4.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:6.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
cpe:2.3:a:suse:studio_onsite:1.3:::::::*
cpe:2.3:o:opensuse:opensuse:12.3:::::::*
cpe:2.3:o:opensuse:opensuse:13.1:::::::*
cpe:2.3:o:opensuse:opensuse:13.2:::::::*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
cpe:2.3:o:suse:linux_enterprise_desktop:12:-::::::
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::ltss:::*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::ltss:::*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::ltss:-::
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:::ltss:::*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::-::*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::vmware::*
cpe:2.3:o:suse:linux_enterprise_server:12:-::::::
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3::::::
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-::::::
cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:::::::*
cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:::::::*
cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:::::::*
cpe:2.3:a:ibm:pureapplication_system::::::::	1.0.0.0	1.0.0.4
cpe:2.3:a:ibm:pureapplication_system::::::::	1.1.0.0	1.1.0.4
cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:::::::*
cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:::::::*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:::::::*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:::::::*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9::::::
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:::::::*
cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:::::::*
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8::::::
cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9::::::
cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:::::::*
cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:::::::*
cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:::::::*
cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:::::::*
cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:::::::*
cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:::::kvm:::*				1.2.1
cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:::::openflow:::*				1.2.1
cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:::::vmware:::*				1.2.1
cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:::::::*
cpe:2.3:a:ibm:workload_deployer::::::::	3.1.0	3.1.0.7
cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:::::::*
cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:::::::*
cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:::::::*
cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:::::::*
cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:::::::*
cpe:2.3:o:ibm:storwize_v7000_firmware::::::::	1.1.0.0			1.4.3.5
cpe:2.3:o:ibm:storwize_v7000_firmware::::::::	1.5.0.0			1.5.0.4
cpe:2.3:o:ibm:storwize_v7000_firmware::::::::	7.2.0.0			7.2.0.9
cpe:2.3:o:ibm:storwize_v7000_firmware::::::::	7.3.0.0			7.3.0.7
cpe:2.3:o:ibm:storwize_v5000_firmware::::::::	1.1.0.0			7.1.0.11
cpe:2.3:o:ibm:storwize_v5000_firmware::::::::	7.2.0.0			7.2.0.9
cpe:2.3:o:ibm:storwize_v5000_firmware::::::::	7.3.0.0			7.3.0.7
cpe:2.3:o:ibm:storwize_v3700_firmware::::::::	1.1.0.0			7.1.0.11
cpe:2.3:o:ibm:storwize_v3700_firmware::::::::	7.2.0.0			7.2.0.9
cpe:2.3:o:ibm:storwize_v3700_firmware::::::::	7.3.0.0			7.3.0.7
cpe:2.3:o:ibm:storwize_v3500_firmware::::::::	1.1.0.0			7.1.0.11
cpe:2.3:o:ibm:storwize_v3500_firmware::::::::	7.2.0.0			7.2.0.9
cpe:2.3:o:ibm:storwize_v3500_firmware::::::::	7.3.0.0			7.3.0.7
cpe:2.3:o:ibm:flex_system_v7000_firmware::::::::	1.1.0.0			7.1.0.11
cpe:2.3:o:ibm:flex_system_v7000_firmware::::::::	7.2.0.0			7.2.0.9
cpe:2.3:o:ibm:flex_system_v7000_firmware::::::::	7.3.0.0			7.3.0.7
cpe:2.3:o:ibm:san_volume_controller_firmware::::::::	1.1.0.0			7.1.0.11
cpe:2.3:o:ibm:san_volume_controller_firmware::::::::	7.2.0.0			7.2.0.9
cpe:2.3:o:ibm:san_volume_controller_firmware::::::::	7.3.0.0			7.3.0.7
cpe:2.3:o:ibm:stn6500_firmware::::::::	3.8.0.0			3.8.0.07
cpe:2.3:o:ibm:stn6500_firmware::::::::	3.9.1.0			3.9.1.08
cpe:2.3:o:ibm:stn6500_firmware::::::::	4.1.2.0			4.1.2.06
cpe:2.3:o:ibm:stn6800_firmware::::::::	3.8.0.0			3.8.0.07
cpe:2.3:o:ibm:stn6800_firmware::::::::	3.9.1.0			3.9.1.08
cpe:2.3:o:ibm:stn6800_firmware::::::::	4.1.2.0			4.1.2.06
cpe:2.3:o:ibm:stn7800_firmware::::::::	3.8.0.0			3.8.0.07
cpe:2.3:o:ibm:stn7800_firmware::::::::	3.9.1.0			3.9.1.08
cpe:2.3:o:ibm:stn7800_firmware::::::::	4.1.2.0			4.1.2.06
cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
cpe:2.3:a:novell:zenworks_configuration_management:10.3:::::::*
cpe:2.3:a:novell:zenworks_configuration_management:11:::::::*
cpe:2.3:a:novell:zenworks_configuration_management:11.1:::::::*
cpe:2.3:a:novell:zenworks_configuration_management:11.2:::::::*
cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:::::::*
cpe:2.3:o:novell:open_enterprise_server:2.0:sp3::::linux_kernel::*
cpe:2.3:o:novell:open_enterprise_server:11.0:sp2::::linux_kernel::*
cpe:2.3:a:checkpoint:security_gateway::::::::				r77.30
cpe:2.3:a:f5:big-ip_access_policy_manager::::::::	10.1.0	10.2.4
cpe:2.3:a:f5:big-ip_access_policy_manager::::::::	11.0.0	11.5.1
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:::::::*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::	11.3.0	11.5.1
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:::::::*
cpe:2.3:a:f5:big-ip_analytics::::::::	11.0.0	11.5.1
cpe:2.3:a:f5:big-ip_analytics:11.6.0:::::::*
cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::	11.4.0	11.5.1
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:::::::*
cpe:2.3:a:f5:big-ip_application_security_manager::::::::	10.0.0	10.2.4
cpe:2.3:a:f5:big-ip_application_security_manager::::::::	11.0.0	11.5.1
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:::::::*
cpe:2.3:a:f5:big-ip_edge_gateway::::::::	10.1.0	10.2.4
cpe:2.3:a:f5:big-ip_edge_gateway::::::::	11.0.0	11.3.0
cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::	10.0.0	10.2.4
cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::	11.0.0	11.5.1
cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:::::::*
cpe:2.3:a:f5:big-ip_link_controller::::::::	10.0.0	10.2.4
cpe:2.3:a:f5:big-ip_link_controller::::::::	11.0.0	11.5.1
cpe:2.3:a:f5:big-ip_link_controller:11.6.0:::::::*
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	10.0.0	10.2.4
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	11.0.0	11.5.1
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:::::::*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::	11.3.0	11.5.1
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:::::::*
cpe:2.3:a:f5:big-ip_protocol_security_module::::::::	10.0.0	10.2.4
cpe:2.3:a:f5:big-ip_protocol_security_module::::::::	11.0.0	11.4.1
cpe:2.3:a:f5:big-ip_wan_optimization_manager::::::::	10.0.0	10.2.4
cpe:2.3:a:f5:big-ip_wan_optimization_manager::::::::	11.0.0	11.3.0
cpe:2.3:a:f5:big-ip_webaccelerator::::::::	10.0.0	10.2.4
cpe:2.3:a:f5:big-ip_webaccelerator::::::::	11.0.0	11.3.0
cpe:2.3:a:f5:big-iq_cloud::::::::	4.0.0	4.4.0
cpe:2.3:a:f5:big-iq_device::::::::	4.2.0	4.4.0
cpe:2.3:a:f5:big-iq_security::::::::	4.0.0	4.4.0
cpe:2.3:a:f5:enterprise_manager::::::::	2.1.0	2.3.0
cpe:2.3:a:f5:enterprise_manager::::::::	3.0.0	3.1.1
cpe:2.3:a:f5:traffix_signaling_delivery_controller::::::::	4.0.0	4.0.5
cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:::::::*
cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:::::::*
cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:::::::*
cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:::::::*
cpe:2.3:o:f5:arx_firmware::::::::	6.0.0	6.4.0
cpe:2.3:o:citrix:netscaler_sdx_firmware::::::::				9.3.67.5r1
cpe:2.3:o:citrix:netscaler_sdx_firmware::::::::	10			10.1.129.11r1
cpe:2.3:o:citrix:netscaler_sdx_firmware::::::::	10.5			10.5.52.11r1
cpe:2.3:o:apple:mac_os_x::::::::	10.0.0			10.10.0
cpe:2.3:a:vmware:vcenter_server_appliance:5.0:::::::*
cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1::::::
cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2::::::
cpe:2.3:a:vmware:vcenter_server_appliance:5.1:::::::*
cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1::::::
cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2::::::
cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-::::::
cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1::::::
cpe:2.3:o:vmware:esx:4.0:::::::*
cpe:2.3:o:vmware:esx:4.1:::::::*

Configuration2		or higher	or less	more than	less than

Related information, measures and tools

No	URL	refsource
1	http://advisories.mageia.org/MGASA-2014-0388.html	security@debian.org
2	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	security@debian.org
3	http://jvn.jp/en/jp/JVN55667175/index.html	security@debian.org
4	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	security@debian.org
5	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673	security@debian.org
6	http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html	security@debian.org
7	http://linux.oracle.com/errata/ELSA-2014-1293.html	security@debian.org
8	http://linux.oracle.com/errata/ELSA-2014-1294.html	security@debian.org
9	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html	security@debian.org
10	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html	security@debian.org
11	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html	security@debian.org
12	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html	security@debian.org
13	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html	security@debian.org
14	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	security@debian.org
15	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html	security@debian.org
16	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	security@debian.org
17	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	security@debian.org
18	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	security@debian.org
19	http://marc.info/?l=bugtraq&m=141216207813411&w=2	security@debian.org
20	http://marc.info/?l=bugtraq&m=141216668515282&w=2	security@debian.org
21	http://marc.info/?l=bugtraq&m=141235957116749&w=2	security@debian.org
22	http://marc.info/?l=bugtraq&m=141319209015420&w=2	security@debian.org
23	http://marc.info/?l=bugtraq&m=141330425327438&w=2	security@debian.org
24	http://marc.info/?l=bugtraq&m=141330468527613&w=2	security@debian.org
25	http://marc.info/?l=bugtraq&m=141345648114150&w=2	security@debian.org
26	http://marc.info/?l=bugtraq&m=141383026420882&w=2	security@debian.org
27	http://marc.info/?l=bugtraq&m=141383081521087&w=2	security@debian.org
28	http://marc.info/?l=bugtraq&m=141383138121313&w=2	security@debian.org
29	http://marc.info/?l=bugtraq&m=141383196021590&w=2	security@debian.org
30	http://marc.info/?l=bugtraq&m=141383244821813&w=2	security@debian.org
31	http://marc.info/?l=bugtraq&m=141383304022067&w=2	security@debian.org
32	http://marc.info/?l=bugtraq&m=141383353622268&w=2	security@debian.org
33	http://marc.info/?l=bugtraq&m=141383465822787&w=2	security@debian.org
34	http://marc.info/?l=bugtraq&m=141450491804793&w=2	security@debian.org
35	http://marc.info/?l=bugtraq&m=141576728022234&w=2	security@debian.org
36	http://marc.info/?l=bugtraq&m=141577137423233&w=2	security@debian.org
37	http://marc.info/?l=bugtraq&m=141577241923505&w=2	security@debian.org
38	http://marc.info/?l=bugtraq&m=141577297623641&w=2	security@debian.org
39	http://marc.info/?l=bugtraq&m=141585637922673&w=2	security@debian.org
40	http://marc.info/?l=bugtraq&m=141694386919794&w=2	security@debian.org
41	http://marc.info/?l=bugtraq&m=141879528318582&w=2	security@debian.org
42	http://marc.info/?l=bugtraq&m=142113462216480&w=2	security@debian.org
43	http://marc.info/?l=bugtraq&m=142118135300698&w=2	security@debian.org
44	http://marc.info/?l=bugtraq&m=142358026505815&w=2	security@debian.org
45	http://marc.info/?l=bugtraq&m=142358078406056&w=2	security@debian.org
46	http://marc.info/?l=bugtraq&m=142546741516006&w=2	security@debian.org
47	http://marc.info/?l=bugtraq&m=142719845423222&w=2	security@debian.org
48	http://marc.info/?l=bugtraq&m=142721162228379&w=2	security@debian.org
49	http://marc.info/?l=bugtraq&m=142805027510172&w=2	security@debian.org
50	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	security@debian.org
51	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	security@debian.org
52	http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html	security@debian.org
53	http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html	security@debian.org
54	http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html	security@debian.org
55	http://rhn.redhat.com/errata/RHSA-2014-1293.html	security@debian.org
56	http://rhn.redhat.com/errata/RHSA-2014-1294.html	security@debian.org
57	http://rhn.redhat.com/errata/RHSA-2014-1295.html	security@debian.org
58	http://rhn.redhat.com/errata/RHSA-2014-1354.html	security@debian.org
59	http://seclists.org/fulldisclosure/2014/Oct/0	security@debian.org
60	http://secunia.com/advisories/58200	security@debian.org
61	http://secunia.com/advisories/59272	security@debian.org
62	http://secunia.com/advisories/59737	security@debian.org
63	http://secunia.com/advisories/59907	security@debian.org
64	http://secunia.com/advisories/60024	security@debian.org
65	http://secunia.com/advisories/60034	security@debian.org
66	http://secunia.com/advisories/60044	security@debian.org
67	http://secunia.com/advisories/60055	security@debian.org
68	http://secunia.com/advisories/60063	security@debian.org
69	http://secunia.com/advisories/60193	security@debian.org
70	http://secunia.com/advisories/60325	security@debian.org
71	http://secunia.com/advisories/60433	security@debian.org
72	http://secunia.com/advisories/60947	security@debian.org
73	http://secunia.com/advisories/61065	security@debian.org
74	http://secunia.com/advisories/61128	security@debian.org
75	http://secunia.com/advisories/61129	security@debian.org
76	http://secunia.com/advisories/61188	security@debian.org
77	http://secunia.com/advisories/61283	security@debian.org
78	http://secunia.com/advisories/61287	security@debian.org
79	http://secunia.com/advisories/61291	security@debian.org
80	http://secunia.com/advisories/61312	security@debian.org
81	http://secunia.com/advisories/61313	security@debian.org
82	http://secunia.com/advisories/61328	security@debian.org
83	http://secunia.com/advisories/61442	security@debian.org
84	http://secunia.com/advisories/61471	security@debian.org
85	http://secunia.com/advisories/61485	security@debian.org
86	http://secunia.com/advisories/61503	security@debian.org
87	http://secunia.com/advisories/61542	security@debian.org
88	http://secunia.com/advisories/61547	security@debian.org
89	http://secunia.com/advisories/61550	security@debian.org
90	http://secunia.com/advisories/61552	security@debian.org
91	http://secunia.com/advisories/61565	security@debian.org
92	http://secunia.com/advisories/61603	security@debian.org
93	http://secunia.com/advisories/61633	security@debian.org
94	http://secunia.com/advisories/61641	security@debian.org
95	http://secunia.com/advisories/61643	security@debian.org
96	http://secunia.com/advisories/61654	security@debian.org
97	http://secunia.com/advisories/61676	security@debian.org
98	http://secunia.com/advisories/61700	security@debian.org
99	http://secunia.com/advisories/61703	security@debian.org
100	http://secunia.com/advisories/61711	security@debian.org
101	http://secunia.com/advisories/61715	security@debian.org
102	http://secunia.com/advisories/61780	security@debian.org
103	http://secunia.com/advisories/61816	security@debian.org
104	http://secunia.com/advisories/61855	security@debian.org
105	http://secunia.com/advisories/61857	security@debian.org
106	http://secunia.com/advisories/61873	security@debian.org
107	http://secunia.com/advisories/62228	security@debian.org
108	http://secunia.com/advisories/62312	security@debian.org
109	http://secunia.com/advisories/62343	security@debian.org
110	http://support.apple.com/kb/HT6495	security@debian.org
111	http://support.novell.com/security/cve/CVE-2014-6271.html	security@debian.org
112	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	security@debian.org
113	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	security@debian.org
114	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	security@debian.org
115	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	security@debian.org
116	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	security@debian.org
117	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	security@debian.org
118	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	security@debian.org
119	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	security@debian.org
120	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	security@debian.org
121	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	security@debian.org
122	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	security@debian.org
123	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	security@debian.org
124	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	security@debian.org
125	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	security@debian.org
126	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	security@debian.org
127	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	security@debian.org
128	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	security@debian.org
129	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	security@debian.org
130	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	security@debian.org
131	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	security@debian.org
132	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	security@debian.org
133	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	security@debian.org
134	http://www.debian.org/security/2014/dsa-3032	security@debian.org
135	http://www.kb.cert.org/vuls/id/252743	security@debian.org
136	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	security@debian.org
137	http://www.novell.com/support/kb/doc.php?id=7015701	security@debian.org
138	http://www.novell.com/support/kb/doc.php?id=7015721	security@debian.org
139	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	security@debian.org
140	http://www.qnap.com/i/en/support/con_show.php?cid=61	security@debian.org
141	http://www.securityfocus.com/archive/1/533593/100/0/threaded	security@debian.org
142	http://www.securityfocus.com/bid/70103	security@debian.org
143	http://www.ubuntu.com/usn/USN-2362-1	security@debian.org
144	http://www.us-cert.gov/ncas/alerts/TA14-268A	security@debian.org
145	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	security@debian.org
146	http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	security@debian.org
147	https://access.redhat.com/articles/1200223	security@debian.org
148	https://access.redhat.com/node/1200223	security@debian.org
149	https://bugzilla.redhat.com/show_bug.cgi?id=1141597	security@debian.org
150	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	security@debian.org
151	https://kb.bluecoat.com/index?page=content&id=SA82	security@debian.org
152	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	security@debian.org
153	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	security@debian.org
154	https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/	security@debian.org
155	https://support.apple.com/kb/HT6535	security@debian.org
156	https://support.citrix.com/article/CTX200217	security@debian.org
157	https://support.citrix.com/article/CTX200223	security@debian.org
158	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	security@debian.org
159	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	security@debian.org
160	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	security@debian.org
161	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	security@debian.org
162	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	security@debian.org
163	https://www.exploit-db.com/exploits/34879/	security@debian.org
164	https://www.exploit-db.com/exploits/37816/	security@debian.org
165	https://www.exploit-db.com/exploits/38849/	security@debian.org
166	https://www.exploit-db.com/exploits/39918/	security@debian.org
167	https://www.exploit-db.com/exploits/40619/	security@debian.org
168	https://www.exploit-db.com/exploits/40938/	security@debian.org
169	https://www.exploit-db.com/exploits/42938/	security@debian.org
170	https://www.suse.com/support/shellshock/	security@debian.org
171	http://advisories.mageia.org/MGASA-2014-0388.html	af854a3a-2127-422b-91ae-364da2661108
172	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	af854a3a-2127-422b-91ae-364da2661108
173	http://jvn.jp/en/jp/JVN55667175/index.html	af854a3a-2127-422b-91ae-364da2661108
174	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126	af854a3a-2127-422b-91ae-364da2661108
175	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673	af854a3a-2127-422b-91ae-364da2661108
176	http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html	af854a3a-2127-422b-91ae-364da2661108
177	http://linux.oracle.com/errata/ELSA-2014-1293.html	af854a3a-2127-422b-91ae-364da2661108
178	http://linux.oracle.com/errata/ELSA-2014-1294.html	af854a3a-2127-422b-91ae-364da2661108
179	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html	af854a3a-2127-422b-91ae-364da2661108
180	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html	af854a3a-2127-422b-91ae-364da2661108
181	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html	af854a3a-2127-422b-91ae-364da2661108
182	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html	af854a3a-2127-422b-91ae-364da2661108
183	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html	af854a3a-2127-422b-91ae-364da2661108
184	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html	af854a3a-2127-422b-91ae-364da2661108
185	http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html	af854a3a-2127-422b-91ae-364da2661108
186	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html	af854a3a-2127-422b-91ae-364da2661108
187	http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html	af854a3a-2127-422b-91ae-364da2661108
188	http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html	af854a3a-2127-422b-91ae-364da2661108
189	http://marc.info/?l=bugtraq&m=141216207813411&w=2	af854a3a-2127-422b-91ae-364da2661108
190	http://marc.info/?l=bugtraq&m=141216668515282&w=2	af854a3a-2127-422b-91ae-364da2661108
191	http://marc.info/?l=bugtraq&m=141235957116749&w=2	af854a3a-2127-422b-91ae-364da2661108
192	http://marc.info/?l=bugtraq&m=141319209015420&w=2	af854a3a-2127-422b-91ae-364da2661108
193	http://marc.info/?l=bugtraq&m=141330425327438&w=2	af854a3a-2127-422b-91ae-364da2661108
194	http://marc.info/?l=bugtraq&m=141330468527613&w=2	af854a3a-2127-422b-91ae-364da2661108
195	http://marc.info/?l=bugtraq&m=141345648114150&w=2	af854a3a-2127-422b-91ae-364da2661108
196	http://marc.info/?l=bugtraq&m=141383026420882&w=2	af854a3a-2127-422b-91ae-364da2661108
197	http://marc.info/?l=bugtraq&m=141383081521087&w=2	af854a3a-2127-422b-91ae-364da2661108
198	http://marc.info/?l=bugtraq&m=141383138121313&w=2	af854a3a-2127-422b-91ae-364da2661108
199	http://marc.info/?l=bugtraq&m=141383196021590&w=2	af854a3a-2127-422b-91ae-364da2661108
200	http://marc.info/?l=bugtraq&m=141383244821813&w=2	af854a3a-2127-422b-91ae-364da2661108
201	http://marc.info/?l=bugtraq&m=141383304022067&w=2	af854a3a-2127-422b-91ae-364da2661108
202	http://marc.info/?l=bugtraq&m=141383353622268&w=2	af854a3a-2127-422b-91ae-364da2661108
203	http://marc.info/?l=bugtraq&m=141383465822787&w=2	af854a3a-2127-422b-91ae-364da2661108
204	http://marc.info/?l=bugtraq&m=141450491804793&w=2	af854a3a-2127-422b-91ae-364da2661108
205	http://marc.info/?l=bugtraq&m=141576728022234&w=2	af854a3a-2127-422b-91ae-364da2661108
206	http://marc.info/?l=bugtraq&m=141577137423233&w=2	af854a3a-2127-422b-91ae-364da2661108
207	http://marc.info/?l=bugtraq&m=141577241923505&w=2	af854a3a-2127-422b-91ae-364da2661108
208	http://marc.info/?l=bugtraq&m=141577297623641&w=2	af854a3a-2127-422b-91ae-364da2661108
209	http://marc.info/?l=bugtraq&m=141585637922673&w=2	af854a3a-2127-422b-91ae-364da2661108
210	http://marc.info/?l=bugtraq&m=141694386919794&w=2	af854a3a-2127-422b-91ae-364da2661108
211	http://marc.info/?l=bugtraq&m=141879528318582&w=2	af854a3a-2127-422b-91ae-364da2661108
212	http://marc.info/?l=bugtraq&m=142113462216480&w=2	af854a3a-2127-422b-91ae-364da2661108
213	http://marc.info/?l=bugtraq&m=142118135300698&w=2	af854a3a-2127-422b-91ae-364da2661108
214	http://marc.info/?l=bugtraq&m=142358026505815&w=2	af854a3a-2127-422b-91ae-364da2661108
215	http://marc.info/?l=bugtraq&m=142358078406056&w=2	af854a3a-2127-422b-91ae-364da2661108
216	http://marc.info/?l=bugtraq&m=142546741516006&w=2	af854a3a-2127-422b-91ae-364da2661108
217	http://marc.info/?l=bugtraq&m=142719845423222&w=2	af854a3a-2127-422b-91ae-364da2661108
218	http://marc.info/?l=bugtraq&m=142721162228379&w=2	af854a3a-2127-422b-91ae-364da2661108
219	http://marc.info/?l=bugtraq&m=142805027510172&w=2	af854a3a-2127-422b-91ae-364da2661108
220	http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html	af854a3a-2127-422b-91ae-364da2661108
221	http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html	af854a3a-2127-422b-91ae-364da2661108
222	http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html	af854a3a-2127-422b-91ae-364da2661108
223	http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html	af854a3a-2127-422b-91ae-364da2661108
224	http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html	af854a3a-2127-422b-91ae-364da2661108
225	http://rhn.redhat.com/errata/RHSA-2014-1293.html	af854a3a-2127-422b-91ae-364da2661108
226	http://rhn.redhat.com/errata/RHSA-2014-1294.html	af854a3a-2127-422b-91ae-364da2661108
227	http://rhn.redhat.com/errata/RHSA-2014-1295.html	af854a3a-2127-422b-91ae-364da2661108
228	http://rhn.redhat.com/errata/RHSA-2014-1354.html	af854a3a-2127-422b-91ae-364da2661108
229	http://seclists.org/fulldisclosure/2014/Oct/0	af854a3a-2127-422b-91ae-364da2661108
230	http://secunia.com/advisories/58200	af854a3a-2127-422b-91ae-364da2661108
231	http://secunia.com/advisories/59272	af854a3a-2127-422b-91ae-364da2661108
232	http://secunia.com/advisories/59737	af854a3a-2127-422b-91ae-364da2661108
233	http://secunia.com/advisories/59907	af854a3a-2127-422b-91ae-364da2661108
234	http://secunia.com/advisories/60024	af854a3a-2127-422b-91ae-364da2661108
235	http://secunia.com/advisories/60034	af854a3a-2127-422b-91ae-364da2661108
236	http://secunia.com/advisories/60044	af854a3a-2127-422b-91ae-364da2661108
237	http://secunia.com/advisories/60055	af854a3a-2127-422b-91ae-364da2661108
238	http://secunia.com/advisories/60063	af854a3a-2127-422b-91ae-364da2661108
239	http://secunia.com/advisories/60193	af854a3a-2127-422b-91ae-364da2661108
240	http://secunia.com/advisories/60325	af854a3a-2127-422b-91ae-364da2661108
241	http://secunia.com/advisories/60433	af854a3a-2127-422b-91ae-364da2661108
242	http://secunia.com/advisories/60947	af854a3a-2127-422b-91ae-364da2661108
243	http://secunia.com/advisories/61065	af854a3a-2127-422b-91ae-364da2661108
244	http://secunia.com/advisories/61128	af854a3a-2127-422b-91ae-364da2661108
245	http://secunia.com/advisories/61129	af854a3a-2127-422b-91ae-364da2661108
246	http://secunia.com/advisories/61188	af854a3a-2127-422b-91ae-364da2661108
247	http://secunia.com/advisories/61283	af854a3a-2127-422b-91ae-364da2661108
248	http://secunia.com/advisories/61287	af854a3a-2127-422b-91ae-364da2661108
249	http://secunia.com/advisories/61291	af854a3a-2127-422b-91ae-364da2661108
250	http://secunia.com/advisories/61312	af854a3a-2127-422b-91ae-364da2661108
251	http://secunia.com/advisories/61313	af854a3a-2127-422b-91ae-364da2661108
252	http://secunia.com/advisories/61328	af854a3a-2127-422b-91ae-364da2661108
253	http://secunia.com/advisories/61442	af854a3a-2127-422b-91ae-364da2661108
254	http://secunia.com/advisories/61471	af854a3a-2127-422b-91ae-364da2661108
255	http://secunia.com/advisories/61485	af854a3a-2127-422b-91ae-364da2661108
256	http://secunia.com/advisories/61503	af854a3a-2127-422b-91ae-364da2661108
257	http://secunia.com/advisories/61542	af854a3a-2127-422b-91ae-364da2661108
258	http://secunia.com/advisories/61547	af854a3a-2127-422b-91ae-364da2661108
259	http://secunia.com/advisories/61550	af854a3a-2127-422b-91ae-364da2661108
260	http://secunia.com/advisories/61552	af854a3a-2127-422b-91ae-364da2661108
261	http://secunia.com/advisories/61565	af854a3a-2127-422b-91ae-364da2661108
262	http://secunia.com/advisories/61603	af854a3a-2127-422b-91ae-364da2661108
263	http://secunia.com/advisories/61633	af854a3a-2127-422b-91ae-364da2661108
264	http://secunia.com/advisories/61641	af854a3a-2127-422b-91ae-364da2661108
265	http://secunia.com/advisories/61643	af854a3a-2127-422b-91ae-364da2661108
266	http://secunia.com/advisories/61654	af854a3a-2127-422b-91ae-364da2661108
267	http://secunia.com/advisories/61676	af854a3a-2127-422b-91ae-364da2661108
268	http://secunia.com/advisories/61700	af854a3a-2127-422b-91ae-364da2661108
269	http://secunia.com/advisories/61703	af854a3a-2127-422b-91ae-364da2661108
270	http://secunia.com/advisories/61711	af854a3a-2127-422b-91ae-364da2661108
271	http://secunia.com/advisories/61715	af854a3a-2127-422b-91ae-364da2661108
272	http://secunia.com/advisories/61780	af854a3a-2127-422b-91ae-364da2661108
273	http://secunia.com/advisories/61816	af854a3a-2127-422b-91ae-364da2661108
274	http://secunia.com/advisories/61855	af854a3a-2127-422b-91ae-364da2661108
275	http://secunia.com/advisories/61857	af854a3a-2127-422b-91ae-364da2661108
276	http://secunia.com/advisories/61873	af854a3a-2127-422b-91ae-364da2661108
277	http://secunia.com/advisories/62228	af854a3a-2127-422b-91ae-364da2661108
278	http://secunia.com/advisories/62312	af854a3a-2127-422b-91ae-364da2661108
279	http://secunia.com/advisories/62343	af854a3a-2127-422b-91ae-364da2661108
280	http://support.apple.com/kb/HT6495	af854a3a-2127-422b-91ae-364da2661108
281	http://support.novell.com/security/cve/CVE-2014-6271.html	af854a3a-2127-422b-91ae-364da2661108
282	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash	af854a3a-2127-422b-91ae-364da2661108
283	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272	af854a3a-2127-422b-91ae-364da2661108
284	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279	af854a3a-2127-422b-91ae-364da2661108
285	http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361	af854a3a-2127-422b-91ae-364da2661108
286	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879	af854a3a-2127-422b-91ae-364da2661108
287	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897	af854a3a-2127-422b-91ae-364da2661108
288	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898	af854a3a-2127-422b-91ae-364da2661108
289	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915	af854a3a-2127-422b-91ae-364da2661108
290	http://www-01.ibm.com/support/docview.wss?uid=swg21685541	af854a3a-2127-422b-91ae-364da2661108
291	http://www-01.ibm.com/support/docview.wss?uid=swg21685604	af854a3a-2127-422b-91ae-364da2661108
292	http://www-01.ibm.com/support/docview.wss?uid=swg21685733	af854a3a-2127-422b-91ae-364da2661108
293	http://www-01.ibm.com/support/docview.wss?uid=swg21685749	af854a3a-2127-422b-91ae-364da2661108
294	http://www-01.ibm.com/support/docview.wss?uid=swg21685914	af854a3a-2127-422b-91ae-364da2661108
295	http://www-01.ibm.com/support/docview.wss?uid=swg21686084	af854a3a-2127-422b-91ae-364da2661108
296	http://www-01.ibm.com/support/docview.wss?uid=swg21686131	af854a3a-2127-422b-91ae-364da2661108
297	http://www-01.ibm.com/support/docview.wss?uid=swg21686246	af854a3a-2127-422b-91ae-364da2661108
298	http://www-01.ibm.com/support/docview.wss?uid=swg21686445	af854a3a-2127-422b-91ae-364da2661108
299	http://www-01.ibm.com/support/docview.wss?uid=swg21686447	af854a3a-2127-422b-91ae-364da2661108
300	http://www-01.ibm.com/support/docview.wss?uid=swg21686479	af854a3a-2127-422b-91ae-364da2661108
301	http://www-01.ibm.com/support/docview.wss?uid=swg21686494	af854a3a-2127-422b-91ae-364da2661108
302	http://www-01.ibm.com/support/docview.wss?uid=swg21687079	af854a3a-2127-422b-91ae-364da2661108
303	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315	af854a3a-2127-422b-91ae-364da2661108
304	http://www.debian.org/security/2014/dsa-3032	af854a3a-2127-422b-91ae-364da2661108
305	http://www.kb.cert.org/vuls/id/252743	af854a3a-2127-422b-91ae-364da2661108
306	http://www.mandriva.com/security/advisories?name=MDVSA-2015:164	af854a3a-2127-422b-91ae-364da2661108
307	http://www.novell.com/support/kb/doc.php?id=7015701	af854a3a-2127-422b-91ae-364da2661108
308	http://www.novell.com/support/kb/doc.php?id=7015721	af854a3a-2127-422b-91ae-364da2661108
309	http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html	af854a3a-2127-422b-91ae-364da2661108
310	http://www.qnap.com/i/en/support/con_show.php?cid=61	af854a3a-2127-422b-91ae-364da2661108
311	http://www.securityfocus.com/archive/1/533593/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
312	http://www.securityfocus.com/bid/70103	af854a3a-2127-422b-91ae-364da2661108
313	http://www.ubuntu.com/usn/USN-2362-1	af854a3a-2127-422b-91ae-364da2661108
314	http://www.us-cert.gov/ncas/alerts/TA14-268A	af854a3a-2127-422b-91ae-364da2661108
315	http://www.vmware.com/security/advisories/VMSA-2014-0010.html	af854a3a-2127-422b-91ae-364da2661108
316	http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0	af854a3a-2127-422b-91ae-364da2661108
317	https://access.redhat.com/articles/1200223	af854a3a-2127-422b-91ae-364da2661108
318	https://access.redhat.com/node/1200223	af854a3a-2127-422b-91ae-364da2661108
319	https://bugzilla.redhat.com/show_bug.cgi?id=1141597	af854a3a-2127-422b-91ae-364da2661108
320	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	af854a3a-2127-422b-91ae-364da2661108
321	https://kb.bluecoat.com/index?page=content&id=SA82	af854a3a-2127-422b-91ae-364da2661108
322	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648	af854a3a-2127-422b-91ae-364da2661108
323	https://kc.mcafee.com/corporate/index?page=content&id=SB10085	af854a3a-2127-422b-91ae-364da2661108
324	https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/	af854a3a-2127-422b-91ae-364da2661108
325	https://support.apple.com/kb/HT6535	af854a3a-2127-422b-91ae-364da2661108
326	https://support.citrix.com/article/CTX200217	af854a3a-2127-422b-91ae-364da2661108
327	https://support.citrix.com/article/CTX200223	af854a3a-2127-422b-91ae-364da2661108
328	https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html	af854a3a-2127-422b-91ae-364da2661108
329	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075	af854a3a-2127-422b-91ae-364da2661108
330	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183	af854a3a-2127-422b-91ae-364da2661108
331	https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts	af854a3a-2127-422b-91ae-364da2661108
332	https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006	af854a3a-2127-422b-91ae-364da2661108
333	https://www.exploit-db.com/exploits/34879/	af854a3a-2127-422b-91ae-364da2661108
334	https://www.exploit-db.com/exploits/37816/	af854a3a-2127-422b-91ae-364da2661108
335	https://www.exploit-db.com/exploits/38849/	af854a3a-2127-422b-91ae-364da2661108
336	https://www.exploit-db.com/exploits/39918/	af854a3a-2127-422b-91ae-364da2661108
337	https://www.exploit-db.com/exploits/40619/	af854a3a-2127-422b-91ae-364da2661108
338	https://www.exploit-db.com/exploits/40938/	af854a3a-2127-422b-91ae-364da2661108
339	https://www.exploit-db.com/exploits/42938/	af854a3a-2127-422b-91ae-364da2661108
340	https://www.suse.com/support/shellshock/	af854a3a-2127-422b-91ae-364da2661108
341	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6271	134c704f-9b21-4f2e-91b3-4a467353bcc0

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-78	OSコマンド・インジェクション	https://cwe.mitre.org/data/definitions/78.html