bug-bash
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: My System get vuln in Shellshock, what should i do ?

From: Chet Ramey
Subject: Re: My System get vuln in Shellshock, what should i do ?
Date: Mon, 9 Nov 2015 09:55:07 -0500
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 
On 11/9/15 6:03 AM, Muhammad Hafiz Izman Bin Ab Rahim wrote:
> mhafizizman@ThinkspiratioN:~$ bash --version
> GNU bash, version 4.3.0(1)-release (x86_64-unknown-linux-gnu)
> Copyright (C) 2013 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> 
> This is free software; you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
> 
> 
> mhafizizman@ThinkspiratioN:~$ env x='() { :;}; echo vulnerable' bash -c
> "echo this is a test"
> vulnerable
> this is a test

If you built bash yourself from source, you can get all the patches from
ftp.gnu.org or a gzipped tar file of the current version with all patches
applied from

http://git.savannah.gnu.org/cgit/bash.git/snapshot/bash-master.tar.gz

If you got bash as part of your Linux distribution, you should get a
patched version from your vendor.

Chet
-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU    chet@case.edu    http://cnswww.cns.cwru.edu/~chet/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]