Testing Shellshock Bug In BASH – CVE-2014-6271 (Exploit 1)

To test for the vulnerability on your *nix systems just issue the following command as any user (doesn’t have to be root):

env testbug='() { :;}; echo VULNERABLE' bash -c "echo completed"

If you see this:

VULNERABLE
completed

It’s vulnerable, if it’s fixed or not vulnerable you should see this:

bash: warning: testbug: ignoring function definition attempt
bash: error importing function definition for `testbug'
completed

September 26, 2014 0 Comments

No comments yet.

New macOS zero-day, currently no PoC. https://t.co/usSM8CXUNW 5 years ago
“The exploit is highly efficient because the malicious app doesn't need admin access to retrieve passwords from the… https://t.co/wb3xu9MWL2 5 years ago
There is no way of telling whether this security flaw has been actively used or not, best practice is to assume tha… https://t.co/v3vBjImZTN 5 years ago
You can see which version of Kubernetes your nodes are running by running: kubectl get nodes. Your output tells you… https://t.co/vYrqpHsDv7 5 years ago
Kubernetes CVE-2018-1002105 allows any authenticated user to get administrative access to the cluster (using standa… https://t.co/lqv0HcFbWH 5 years ago