Shellshock Bash Vulnerability Found

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

sboesch

Active Member
Aug 3, 2012
467
95
28
Columbus, OH
You can test for the vulnerability on linux, unix, or Macs in a terminal with the following code:

Code:
env x='() { :;}; echo vulnerable' bash -c 'echo hello'
If your in the clear you will get:
Code:
bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x' hello
If you are not clear and are FOOKED you will get:
Code:
vulnerable hello
Check your version of Bash by running:
Code:
bash --version
 
Last edited:

Patrick

Administrator
Staff member
Dec 21, 2010
12,511
5,792
113
Yea I ended up patching already. Potential to be a fairly big one.
 
Last edited:

Entz

Active Member
Apr 25, 2013
269
62
28
Canada Eh?
Most of my servers are running an older versions of Ubuntu (i.e. 13.10/13.04 bash 4.2.45 ). 14.0.4 is fine when updated (bash 4.3.11). Scary. Gonna require more then just updating bash.
 

Mike

Member
May 29, 2012
482
16
18
EU
Most of my servers are running an older versions of Ubuntu (i.e. 13.10/13.04 bash 4.2.45 ). 14.0.4 is fine when updated (bash 4.3.11). Scary. Gonna require more then just updating bash.
Bash is not the only thing you have to worry about on 13.04/10.