[GLLUG] Bash Bug
Iain M Conochie
iain at shihad.org
Thu Sep 25 17:12:58 UTC 2014
<snip>
> I don't get that result on our Debian 7 instances pre-patch (perhaps
> due to our config?)
>
> # env X="() { :;} ; echo busted" /bin/sh -c "echo completed"
> completed
>
> It's better after the patch though.
>
> All the CentOS failed.
>:~$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
>:~$ env X='() { :;} ; echo busted' /bin/sh -c "echo completed"
completed
>:~$ env x='() { :;}; echo busted' bash -c "echo completed"
busted
completed
>:~$ ls -l /bin/sh
lrwxrwxrwx 1 root root 4 Jan 10 2014 /bin/sh -> dash
You have /bin/sh linked to something other than bash perhaps? That I
think is the default for wheezy.
Cheers
Iain
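
Added example, not part of the original post: a POSIX sh script that runs the probe from this thread only after checking that the path is really bash, so a system with /bin/sh -> dash is reported as "not-bash" rather than looking patched. The function names classify, probe_shell and report are made up for this example.

```shell
#!/bin/sh
# Added example: run the thread's probe only against shells that are really bash.

# classify OUTPUT -> "vulnerable" if the trailing command in the env value ran.
classify() {
    case $1 in
        *busted*) echo vulnerable ;;
        *)        echo patched ;;
    esac
}

# probe_shell PATH -> missing | not-bash | vulnerable | patched
probe_shell() {
    sh_path=$1
    [ -x "$sh_path" ] || { echo missing; return 0; }
    # bash sets BASH_VERSION even when started as "sh"; dash and others do not.
    ver=$("$sh_path" -c 'echo "${BASH_VERSION:-}"' 2>/dev/null) || ver=""
    [ -n "$ver" ] || { echo not-bash; return 0; }
    # Same probe as in the thread: function-style value with a trailing command.
    out=$(env x='() { :;}; echo busted' "$sh_path" -c 'echo completed' 2>/dev/null) || true
    classify "$out"
}

# report PATH... -> one line per path: path, symlink target, verdict
report() {
    for s in "$@"; do
        real=$(readlink -f "$s" 2>/dev/null) || real=$s
        printf '%-10s -> %-12s %s\n' "$s" "$real" "$(probe_shell "$s")"
    done
}

report /bin/sh /bin/bash
```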