[BlueOnyx:16026] Re: Bash Vulnerability
Dr. Blunt
cleardata at earthlink.net
Wed Sep 24 17:25:33 -05 2014
Wow -- that was a quick fix !!!
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
Downloading Packages:
(1/2): bash-3.2-33.el5.1.i386.rpm | 1.8 MB 00:10
(2/2): axis-1.2.1-2jpp.8.el5_10.i386.rpm | 3.1 MB 00:18
--------------------------------------------------------------------------------
Total 175 kB/s | 4.9 MB 00:28
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Updating :
bash 1/4
Updating :
axis 2/4
Cleanup :
bash 3/4
Cleanup :
axis 4/4
Updated:
axis.i386 0:1.2.1-2jpp.8.el5_10 bash.i386 0:3.2-33.el5.1
At 03:10 PM 9/24/2014, you wrote:
> boundary="----=_NextPart_000_015C_01CFD84C.BFED5570"
>Content-Language: en-gb
>
>CentOS 5-7 are explicitly mentioned here:
>http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-security-hole-on-anything-with-nix-in-it/
>
More information about the Blueonyx
mailing list