libreplanet-br-sp
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lp-br-sp] [AVISO] Remote Exploit Vulnerability Found In Bash


From: Sergio Durigan Junior
Subject: [lp-br-sp] [AVISO] Remote Exploit Vulnerability Found In Bash
Date: Wed, 24 Sep 2014 15:32:10 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

Opa,

  <http://seclists.org/oss-sec/2014/q3/650>

Já atualizei nosso servidor com o pacote que tem o fix (já saiu no
Debian).

Se quiserem verificar se o seu bash tem o bug (bem provável):

  env x='() { :;}; echo vulnerable' bash -c "test"

Você deve ver uma saída do tipo:

  bash: warning: x: ignoring function definition attempt
  bash: error importing function definition for `x'
  test

Se conseguir ver o "vulnerable", está afetado.

Falou,

-- 
Sergio
GPG key ID: 0x65FC5E36
Please send encrypted e-mail if possible
http://sergiodj.net/



reply via email to

[Prev in Thread] Current Thread [Next in Thread]