Quoting Kent Fredric <[email protected]>:
> On 26 September 2014 13:45, gvim <[email protected]> wrote:
>> Updated my bash on CentOS 6.5 this morning so your test fails:
>>
>> # env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
>> bash: warning: x: ignoring function definition attempt
>> bash: error importing function definition for `x'
>> this is a test
>
> There's a second vulnerability that escapes the first bug patch.
>
> env X="() { (a)=>\\" bash -c '/dev/stdout date'
>
> If this prints the date, you still have a hole where bash can write content to arbitrary files.
>
> ( And this trick somehow makes it write the date to /dev/stdout. )

New patch released overnight which seems to fix that.

Dave...
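The two tests quoted in this thread, wrapped as a local check script. This is an added example, not code from any of the posters; the function names `classify_first`, `classify_second` and `run_checks` are made up for it, and it assumes `mktemp -d` is available.

```shell
#!/bin/sh
# Added example: run the thread's two tests against a local bash and classify the output.

# First test: a vulnerable bash executes the trailing command and prints "vulnerable".
classify_first() {
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo vulnerable
    elif printf '%s\n' "$1" | grep -qx 'this is a test'; then
        echo patched
    else
        echo unknown
    fi
}

# Second test: any stdout means `date` ran with its output sent through the
# leftover redirection; a fixed bash prints nothing on stdout.
classify_second() {
    if [ -n "$1" ]; then echo vulnerable; else echo patched; fi
}

run_checks() {
    bash_bin=${1:-bash}
    if ! command -v "$bash_bin" >/dev/null 2>&1; then
        echo "first=no-bash second=no-bash"
        return 0
    fi
    # The second bug is about writing to files, so work in a scratch directory.
    tmp=$(mktemp -d) || return 1
    out1=$(cd "$tmp" && env x='() { :;}; echo vulnerable' \
        "$bash_bin" -c "echo this is a test" 2>&1) || true
    # Stderr is dropped here: only stdout decides the result.
    out2=$(cd "$tmp" && env X="() { (a)=>\\" \
        "$bash_bin" -c '/dev/stdout date' 2>/dev/null) || true
    rm -rf "$tmp"
    echo "first=$(classify_first "$out1") second=$(classify_second "$out2")"
}

run_checks
```

Pass a path as the first argument to `run_checks` to test a bash binary other than the one on `PATH`.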
