McAfee Next Generation Firewall GNU Bash Code Injection (SB10085) (Shellshock)

Critical Nessus Plugin ID 79234


The remote host is affected by a code injection vulnerability known as Shellshock.


The remote host has a version of McAfee Next Generation Firewall (NGFW) installed that is affected by a command injection vulnerability in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This allows a remote attacker to execute arbitrary code via environment variable manipulation depending on the configuration of the system.


Apply the relevant hotfix referenced in the vendor advisory.

See Also

Plugin Details

Severity: Critical

ID: 79234

File Name: mcafee_ngfw_SB10085.nasl

Version: $Revision: 1.11 $

Type: local

Family: Misc.

Published: 2014/11/13

Modified: 2017/04/25

Dependencies: 73831

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 9

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:ND/RC:ND

Vulnerability Information

CPE: cpe:/a:mcafee:ngfw

Required KB Items: Host/McAfeeNGFW/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/09/30

Vulnerability Publication Date: 2014/09/24

Exploitable With

Core Impact

Metasploit (CUPS Filter Bash Environment Variable Code Injection (Shellshock))

Reference Information

CVE: CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187

BID: 70103, 70137, 70152, 70154, 70165, 70166

OSVDB: 112004, 112096, 112097, 112158, 112169

CERT: 252743

IAVA: 2014-A-0142

EDB-ID: 34765, 34766, 34777