On Sep 25, 2014 8:23 AM, "Luca Costantino" <luca.costant...@gmail.com> wrote: > > Letto? > > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271 > > env x='() { :;}; echo vulnerable' bash -c "echo this is a test" >
Let's upgrade to zsh: $ env x='() { :;}; echo vulnerable' zsh -c "echo this is a test" this is a test ;)