SynopsisThe remote host is affected by a code injection vulnerability known as Shellshock.
DescriptionThe remote host has a version of McAfee Next Generation Firewall (NGFW) installed that is affected by a command injection vulnerability in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This allows a remote attacker to execute arbitrary code via environment variable manipulation depending on the configuration of the system.
SolutionApply the relevant hotfix referenced in the vendor advisory.