This host is installed with GNU Bash Shell and is prone to remote command execution vulnerability.
Successful exploitation will allow remote or local attackers to inject shell commmands, allowing local privilege escalation or remote command execution depending on the application vector. Impact Level: Application
Apply the patch or upgrade to latest version, For updates refer to http://www.gnu.org/software/bash/
GNU bash contains a flaw that is triggered when evaluating environment variables passed from another environment. After processing a function definition, bash continues to process trailing strings.
GNU Bash through 4.3
Send a FTP login request and check remote command execution.
- FTPDMIN 'RNFR' Command Buffer Overflow Vulnerability
- AutoFTP Manager FTP Client Directory Traversal Vulnerability
- TYPSoft FTP Server Multiple Commands Remote Denial of Service Vulnerabilities
- SpoonFTP 'RETR' Command Remote Denial of Service Vulnerability
- WS FTP server FTP bounce attack and PASV connection hijacking flaw