1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Upgrade Bash

Discussion in 'Entertainment and Technology' started by Pret Allez, Sep 25, 2014.

Thread Tools

Thread Tools

  1. Pret Allez

    Pret Allez
    Full Member

    Joined:
    Apr 19, 2012
    Messages:
    6,785
    Likes Received:
    67
    Location:
    Seattle, WA
    Gender:
    Female (trans*)
    Gender Pronoun:
    She
    Sexual Orientation:
    Bisexual
    Out Status:
    Some people
    There is a remote code execution vulnerability in Bash right now (CVE-2014-6271, cited in Schneier). I know that some of my brothers and sisters here are GNU/Linux users, so be careful. It's likely that your distribution has already fixed this. Use your package manager to address this issue by upgrading normally.

    To find out if you are vulnerable, from bash, type in:

    Code:
    env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
    and the output will be

    Code:
    vulnerable
 this is a test
    For a fixed version of bash, the output should be

    Code:
     bash: warning: x: ignoring function definition attempt
 bash: error importing function definition for `x'
 this is a test
    :kiss:
     
    #1 Pret Allez, Sep 25, 2014
  2. FrenchKid98

    FrenchKid98
    Full Member

    Joined:
    Mar 23, 2014
    Messages:
    157
    Likes Received:
    0
    Location:
    Luxembourg
    #2 FrenchKid98, Sep 25, 2014
(You must log in or sign up to post here.)