The Shell Shock Vulnerability

The Shell Shock exploit or bash vulnerability is a serious bug in most versions of Bash dating back to at least 1994. It allows remote attackers to execute arbitrary code because it processes trailing strings after function definitions in the values of environment variables.
Simple check is executing command:
x="() { :; }; echo x" bash -c :
and if “x” is printed then your bash is vulnerable. Taken from commandlinefu by user malathion
More about vulnerability can be found at shellshockexploit.com where are also described more checking methods and more info about that.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s