Last active
August 29, 2015 14:07
-
-
Save notae/2dac514428c5956767e2 to your computer and use it in GitHub Desktop.
bashcheck on Mac OS X Mavericks before / after OS X bash Update 1.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Before: | |
| $ ./bashcheck | |
| Vulnerable to CVE-2014-6271 (original shellshock) | |
| Vulnerable to CVE-2014-7169 (taviso bug) | |
| ./bashcheck: line 18: 2839 Segmentation fault: 11 bash -c "true $(printf '<<EOF %.0s' {1..79})" 2> /dev/null | |
| Vulnerable to CVE-2014-7186 (redir_stack bug) | |
| Test for CVE-2014-7187 not reliable without address sanitizer | |
| Variable function parser still active, likely vulnerable to yet unknown parser bugs like CVE-2014-6277 (lcamtuf bug) | |
| After: | |
| $ ./bashcheck | |
| Not vulnerable to CVE-2014-6271 (original shellshock) | |
| Not vulnerable to CVE-2014-7169 (taviso bug) | |
| ./bashcheck: line 18: 2921 Segmentation fault: 11 bash -c "true $(printf '<<EOF %.0s' {1..79})" 2> /dev/null | |
| Vulnerable to CVE-2014-7186 (redir_stack bug) | |
| Test for CVE-2014-7187 not reliable without address sanitizer | |
| Variable function parser inactive, likely safe from unknown parser bugs |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment