[Emerging-Sigs] Bash 0-day

Markus Manzke mm at mare-system.de
Thu Sep 25 04:25:37 EDT 2014


FYI

http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html

On 09/24/2014 07:33 PM, Cooper F. Nelson wrote:
> This popped up on one of my mailing lists today:
> 
>> https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
> 
> This is an example of the exploit code:
> 
>> $ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
>>  vulnerable
>>  this is a test
> 
> I'm not sure of what would be the best way to detect this, as it's
> potentially exploitable via multiple ports/protocols and I suspect
> trivial to obfuscate.
> 
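
One way to triage web server logs for the function-definition prefix `() {` from the test command quoted above, as an added example that is not part of the original messages or any Emerging Threats rule. The Apache "combined" log format, the sample lines and the documentation-range addresses are constructed assumptions.

```python
import re

# Assumed format: Apache/nginx "combined" access log.
# ip ident user [time] "request" status bytes "referer" "user-agent"
FIELD = r'(?:[^"\\]|\\.)*'          # quoted field, allowing backslash escapes
COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<request>' + FIELD + r')" \d{3} \S+ '
    r'"(?P<referer>' + FIELD + r')" "(?P<agent>' + FIELD + r')"$'
)

# Prefix of a bash function definition carried in a variable's value, as in
# the quoted test command. Whitespace is matched loosely, so the pattern
# errs toward over-matching; treat hits as leads for review.
FUNC_PREFIX = re.compile(r'\(\s*\)\s*\{')

def scan(lines):
    """Return (line_no, client_ip, field) for each field holding the prefix."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = COMBINED.match(line)
        if m is None:
            # Unparseable line: scan it whole instead of silently dropping it.
            if FUNC_PREFIX.search(line):
                hits.append((n, None, "raw"))
            continue
        for field in ("request", "referer", "agent"):
            if FUNC_PREFIX.search(m.group(field)):
                hits.append((n, m.group("ip"), field))
    return hits

# Constructed sample log lines (not taken from any real system).
SAMPLE = [
    '192.0.2.10 - - [25/Sep/2014:08:01:12 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [25/Sep/2014:08:02:40 +0000] "GET /status HTTP/1.0" 200 87 "-" "() { :;}; echo vulnerable"',
    '198.51.100.7 - - [25/Sep/2014:08:02:41 +0000] "GET /status HTTP/1.0" 200 87 "()  { :;}; echo vulnerable" "-"',
    '192.0.2.10 - - [25/Sep/2014:08:03:05 +0000] "GET /a(b) HTTP/1.1" 200 10 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.5 - - [25/Sep/2014:08:05:00 +0000] "GET / HTTP/1.1" 200 "() { :;}; echo vulnerable',
]

if __name__ == "__main__":
    for line_no, ip, field in scan(SAMPLE):
        print(f"line {line_no}: prefix in {field} field (client {ip})")
```

Access logs record only the request line, Referer and User-Agent, so values sent in other headers or over other protocols are outside what this check can see.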

