At a command prompt:
# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
After updating the result should be:
# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
On 26 September 2014 15:47, David <da...@kenpro.com.au> wrote:
> How to know I have the secure version?
>
>
> root@debian-wheezy:~# bash --version
> GNU bash, version 4.2.37(1)-release (x86_64-pc-linux-gnu)
>
> root@ubuntu-12.04:~# bash --version
> GNU bash, version 4.2.25(1)-release (x86_64-pc-linux-gnu)
>
> both upgraded for the second time today, just before sending this email.
>
>
>
>
>
>
> On 26/09/14 14:03, Jonathan Molyneux wrote:
>
>> Hey SLUG,
>>
>> I'm sure everyone's aware of this issue.
>> But just for the people that may have missed the fan fair yesterday:
>> http://it.slashdot.org/story/14/09/25/236256/first-
>> shellshock-botnet-attacking-akamai-us-dod-networks
>>
>> If your running debian, they re-released a patch this morning (a complete
>> fix now).
>> If you think you are not affected, YOU ARE AFFECTED, patch all your
>> systems (this has so many vectors).
>>
>> Regards
>> Jonathan
>>
>
> --
> David McQuire
> 0418 310312
>
>
> --
> SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
> Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
>
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
