[kwlug-disc] Vulnerability in bash
Giles Malet
gdmalet at gmail.com
Thu Sep 25 15:36:57 EDT 2014
On 14-09-25 09:35 AM, Khalid Baheyeldin wrote:
> env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
> [...]
> I did not need to reboot nor start the shells I have open in screen.
Don't forget you are starting a new copy of the shell (a subshell) to
execute the above command, and apparently it picks up the patched
version. If it hasn't been replaced, your running shell could still be
vulnerable, so you could replace it by running something like `exec bash'.
Since bash often starts new subshells, just patching without rebooting /
restarting maybe gets you mostly there....
g
More information about the kwlug-disc
mailing list