← LibraryTechnique entry
CVE-SHELLSHOCKExecution
Shellshock (CVE-2014-6271)
Bash function-import in environment variables runs trailing shell commands — exploited via HTTP headers in CGI scripts.
§ Where this technique fits
CVE-SHELLSHOCK is catalogued under the Execution tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.