Currently a new bug, named ShellShock, was announced as CVE-2014-6271 in the National Vulnerability Database. It might be even more dangerous than the SSL bug „Heartbleed“ that occured some month ago.
An overview, according to the web site:
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.
A simple test could give you an idea, if your system is vulnerable, or not:
|
1 2 3 |
user@seiler.it:~$ env x='() { :;}; echo vulnerable' bash -c "echo testing..." vulnerable testing... |
|
1 2 3 4 5 6 7 |
user@seiler.it:~$ apt-get update user@seiler.it:~$ apt-get upgrade The following packages will be upgraded: ... bash ... Preparing to replace bash 4.2-2ubuntu2.1 (durch .../bash_4.2-2ubuntu2.2_i386.deb) ... Substitute for bash is being unpacked ... |
|
1 2 3 4 |
user@seiler.it:~$ env x='() { :;}; echo vulnerable' bash -c "echo testing..." bash: Warnung: x: ignoring function definition attempt bash: Fehler beim Importieren der Funktionsdefinition. testing... |
Leave A Comment