Vulnerability Assessment on Pen tester Lab VM

I began the assessment by performing a host discovery scan to identify active devices on the network. This scan confirmed that the target system at 10.0.2.4 is active and responsive, with one host identified."

Following host discovery, I performed a full TCP port scan to identify the target's attack surface, which revealed two open ports: 22 (SSH) and 80 (HTTP). Subsequent service enumeration identified that the web server is running Apache httpd 2.2.21. This version is significantly outdated and presents a high risk for various vulnerabilities, including information disclosure and remote code execution, as highlighted by the presence of CVE-2014–6271.

Analysis of the HTTP service revealed that the page title explicitly references 'CVE-2014–6271,' commonly known as the 'Shellshock' vulnerability. This critical flaw in the Bash shell allows an attacker to inject and execute arbitrary commands on the server through malformed environment variables.

The target system is running an outdated version of Apache (2.2.21) that is vulnerable to the critical Shellshock exploit (CVE-2014–6271). To remediate this risk, you must immediately patch the Bash shell and update the Apache server to a secure, supported version. You should also disable unnecessary CGI modules or scripts to reduce your overall attack surface. Finally, implementing a Web Application Firewall and enforcing the principle of least privilege will help detect and prevent similar command injection attempts in the future.