Wednesday, September 24, 2014

Bash Vulnerability

A vulnerability in bash was announced this morning:

You can test your system to see if it's vulnerable using the POC shown here:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
For example:
Ubuntu has released an updated version of bash to resolve this:

You should install this updated package as soon as possible.  As always, we recommend using "soup" to apply package updates.  Please see the following page for full update instructions:

After installing the updated package, you can verify using the POC again:
New version of bash
UPDATE 20140925 16:38:
Please see Part 2:

No comments:

Search This Blog

Featured Post

New Security Onion Online Training Class - Detection Engineering with Security Onion!

We've just added an exciting new course to our online Security Onion 2.4 training catalog! It's called "Detection Engineering w...

Popular Posts

Blog Archive