If you patched your bash installs yesterday did you include the second patch? The first patch was partial and the second patch is vital to complete the patching.
The second patch bash43-026 follows on from bash43-025.
Time to check if your distro's have been updated again.
All currently supported version of bash have patches here.
The test scripts I've been using are:
#!/bin/bash
env x='() { :;}; echo OOPS' bash -c /bin/true
which executes the payload echo OOPS and produces the output
OOPS
#!/bin/bash
env X='() { (a)=>\' bash -c "echo date"; cat echo
The second patch bash43-026 follows on from bash43-025.
Time to check if your distro's have been updated again.
All currently supported version of bash have patches here.
The test scripts I've been using are:
#!/bin/bash
env x='() { :;}; echo OOPS' bash -c /bin/true
which executes the payload echo OOPS and produces the output
OOPS
and
env X='() { (a)=>\' bash -c "echo date"; cat echo
which executes the payload bash -c "echo date" and produces the output
bash: X: line 1: syntax error near unexpected token `='
bash: X: line 1: `'
bash: error importing function definition for `X'
Sat Sep 27 12:53:13 BST 2014
The second example came from Travis Ormandy who is also the author of the second patch.
Comments
Post a Comment