Highest Voted 'shellshock' Questions

142

votes

5 answers

What is the CVE-2014-6271 bash vulnerability (Shellshock) and how do I fix it?

Recently, there have been news going around regarding "CVE-2014-6271" (See USN-2362-1), which is a vulnerability in Bash. How do I know if I am affected by this, how can I fix it, and why should I care? This is designed as a canonical answer for…

bash security shellshock

asked Sep 24 '14 at 21:48

nanofarad

20,906

32

votes

2 answers

Explanation of the command to check shellshock

Here is the command I have used to check my bash shell for the Shellshock bug: env x='() { :;}; echo vulnerable' bash -c "echo this is a test" Can anyone please explain the command in details?

bash shellshock

asked Sep 28 '14 at 05:35

heemayl

93,925

3

votes

2 answers

Problem regarding passing a function to child process in Linux shell

I'm doing the Shellshock lab, the tutorial gives an approach to pass a function to child process by environment variable: $ foo='() { echo "hello"; }' $ export foo $ /bin/bash $ foo hello However, when I tried this on my Ubuntu 20.04, foo was not…

bash shellshock

asked Dec 05 '23 at 12:16

Heisenbug

39

2

votes

1 answer

Shellshock: How can I update only Bash without restarting?

I want to fix the Shellshock issue, and the usual solution is to update Ubuntu. How can I update only Bash and without having to reboot?

bash shellshock vulnerability

asked Oct 03 '14 at 12:24

Eduard Florinescu

8,587

1

vote

0 answers

Unable to reproduce the ShellShock bug locally

I have been trying to reproduce the Shellshock bug on my local 14.04 Ubuntu VM without any luck. I know my local bash version is still vulnerable because the following command prints out the commented part: env x='() { :;}; echo vulnerable' bash -c…

bash shellshock

asked Oct 05 '14 at 00:14

sasuke

111

0

votes

1 answer

Ubuntu 14.04 Vulnerable to Shellshock?

I just installed 14.04 today, found seems the system still have Shellshock issue: dli@srv:~$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.1 LTS Release: 14.04 Codename: trusty dli@srv:~$ env…

14.04 shellshock

asked Nov 18 '14 at 22:12

dli

153

0

votes

1 answer

Does Ubuntu 14.10 have the security fix for Shellshock bash exploit?

On the internet, I noticed there were Patches for the Shellshock vulnerability which is scaring me a lot. Does Ubuntu 14.10 have this automatically in it?

bash security 14.10 shellshock

asked Oct 08 '14 at 02:44

Bran

795
3
10
19

0

votes

2 answers

Install only bash from trusty on old distributions (to be save from Shellshock vulnerability)

Is there a way to just install only bash from the latest distribution on an old mashine? I once did pinning to a certain version of a package, but that was bevcause I didn't want to update that specific package. Here it would be pinning in the…

bash pinning shellshock vulnerability

asked Sep 29 '14 at 07:12

rubo77

34,024
52
172
299

Questions tagged [shellshock]