FYI ---------- Forwarded message ---------- From: Clark Mills <c.mills(a)auckland.ac.nz> Date: Thu, Sep 25, 2014 at 8:33 AM Subject: Re: [NZLUG] ALERT: Remote code-exec in bash (CVE-2014-6271) To: NZ Linux Users Group <nzlug(a)lists.nzoss.org.nz> [ from /. thread ] This is the test to see if you are vulnerable: env x='() {:;}; echo vulnerable' bash -c "echo this is a test" On 25/09/14 08:16, Jaco wrote:
bash is borked.
http://www.csoonline.com/article/2687265/application-security/remote-exploit...
This bad. This is very, VERY bad.
Please go patch!
_______________________________________________ NZLUG mailing list NZLUG(a)lists.nzoss.org.nz http://lists.nzoss.org.nz/mailman/listinfo/nzlug -- Peter Reutemann, Dept. of Computer Science, University of Waikato, NZ http://www.cms.waikato.ac.nz/~fracpete/ Ph. +64 (7) 858-5174