Certified Ethical Hacker (CEH v10) — Question 53

What is the most common method to exploit the "Bash Bug" or "ShellShock" vulnerability?

Answer options

• A. Manipulate format strings in text fields
• B. SSH
• C. SYN Flood
• D. Through Web servers utilizing CGI (Common Gateway Interface) to send a malformed environment variable to a vulnerable Web server

Correct answer: D

Explanation

The correct answer is D because the ShellShock vulnerability is typically exploited through CGI scripts that allow attackers to send specially crafted environment variables to affected systems. Options A, B, and C do not relate to the ShellShock vulnerability and represent different types of attacks or technologies that do not exploit this specific flaw.