Important.
Possibly on all Unix, Linux and OSX platforms

Bash vulnerability: As seen on TV CNN etc


   Diagnostic Steps

To test if your version of Bash is vulnerable to this issue, run the following command:

$ env x='() { :;}; echo vulnerable'  bash -c "echo this is a test"

If the output of the above command looks as follows:

vulnerable
this is a test

you are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Thus, if you run the above example with the patched version of Bash, you should get an output similar to:

$ env x='() { :;}; echo vulnerable'  bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test


Possibly can stop using a firewall rule:

iptables -A INPUT -m string --algo bm --hex-string '|28 29 20 7B|' -j DROP

*then save iptables etc.*


I ran the first part on my qmail-toaster servers, and was at risk.

Dave M




Reply via email to