How to understand bash vulnerability?

help-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

How to understand bash vulnerability?

From:	Peng Yu
Subject:	How to understand bash vulnerability?
Date:	Mon, 21 Dec 2020 17:26:45 -0600

Hi,

https://securityintelligence.com/articles/shellshock-vulnerability-in-depth/

The above link shows the following three commands to test whether Bash
has a vulnerability.

env X="() { :;} ; echo Bash is Infected" /bin/sh -c "echo completed"
env X="() { :;} ; echo Bash is Infected" `which bash` -c "echo completed"
env VAR='() { :;}; echo Bash is Infected' bash -c "echo completed"

But I don't have an old version of bash installed that has this
vulnerability. Could anybody let me know what the problem was and how
to understand the above code? Thanks.

-- 
Regards,
Peng

[Prev in Thread]

Current Thread

[Next in Thread]

How to understand bash vulnerability?, Peng Yu <=
- Re: How to understand bash vulnerability?, David, 2020/12/21
  - Re: How to understand bash vulnerability?, Peng Yu, 2020/12/30
  - Re: How to understand bash vulnerability?, Peng Yu, 2020/12/30
    - Re: How to understand bash vulnerability?, Chet Ramey, 2020/12/31

Prev by Date: Re: Speeding up a find and subsequent grep
Next by Date: Re: How to understand bash vulnerability?
Previous by thread: Speeding up a find and subsequent grep
Next by thread: Re: How to understand bash vulnerability?
Index(es):
- Date
- Thread