Security: bash: still vulnerable ( CVE-2014-6277 )
David Haller
2014-10-13 04:38:36 UTC
Hello,
The current advice on the shellshocker.net web site is to run the
curl https://shellshocker.net/shellshock_test.sh | bash
On a 13.1 system with bash-4.2-68.8.1.x86_64, every test results in a
"not vulnerable" message....
Same here
Same here on 12.1 with the "just linked to Base:System/bash" package
I build for 12.1-13.1 + Tumbleweed ...

$ rpm -q --qf '%{name}-%{version}-%{release}\n%{distribution}\n%{buildtime:date}\n' bash
bash-4.2-255.1
home:dnh / openSUSE_12.1_Update_standard
Mon 06 Oct 2014 10:32:03 AM CEST
$ bash shellshock_test.sh
CVE-2014-6271 (original shellshock): not vulnerable
CVE-2014-6277 (segfault): not vulnerable
CVE-2014-6278 (Florian's patch): not vulnerable
CVE-2014-7169 (taviso bug): not vulnerable
CVE-2014-7186 (redir_stack bug): not vulnerable
CVE-2014-7187 (nested loops off by one): not vulnerable
CVE-2014-//// (exploit 3 on http://shellshocker.net/): not vulnerable

-dnh
--
Sheridan: "I'll tell you one thing. If the primates that we came from had
known that some day politicians would come out of the gene pool, they'd have
stayed up in the trees and written evolution off as a bad idea!"
-- Babylon 5, 2x04 - A Distant Star
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
To contact the owner, e-mail: opensuse+***@opensuse.org
Bernhard Voelker
2014-10-13 06:44:21 UTC
bash -c "f() { x() { _;}; x() { _;} <<a; }" \
2>/dev/null || echo vulnerable
Segmentation fault
vulnerable
I'd file a bug for this.
It's "nice" that the few existing shellshocker tests pass,
but it's not okay that bash segfaults in other cases.

Have a nice day,
Berny
Marcus Meissner
2014-10-16 08:49:17 UTC
Post by David Haller
Hello,
The current advice on the shellshocker.net web site is to run the
curl https://shellshocker.net/shellshock_test.sh | bash
On a 13.1 system with bash-4.2-68.8.1.x86_64, every test results in a
"not vulnerable" message....
Same here
Same here on 12.1 with the "just linked to Base:System/bash" package
I build for 12.1-13.1 + Tumbleweed ...
$ rpm -q --qf '%{name}-%{version}-%{release}\n%{distribution}\n%{buildtime:date}\n' bash
bash-4.2-255.1
home:dnh / openSUSE_12.1_Update_standard
Mon 06 Oct 2014 10:32:03 AM CEST
$ bash shellshock_test.sh
CVE-2014-6271 (original shellshock): not vulnerable
CVE-2014-6277 (segfault): not vulnerable
CVE-2014-6278 (Florian's patch): not vulnerable
CVE-2014-7169 (taviso bug): not vulnerable
CVE-2014-7186 (redir_stack bug): not vulnerable
CVE-2014-7187 (nested loops off by one): not vulnerable
CVE-2014-//// (exploit 3 on http://shellshocker.net/): not vulnerable
That's because I fixed the test on shellshocker.net to detect the actual security issue "better".

The actual bash segfault (not a security issue) might still be there,
but either a bash fix was pushed already or will be.

Ciao, Marcus
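
Added example, not part of the thread and not the shellshocker.net script: a shell check that runs the probe string from Bernhard Voelker's message in a child bash and reports whether it exited cleanly, was killed by a signal such as SIGSEGV, or failed with an ordinary error, instead of printing "vulnerable" for every non-zero exit. The function names classify_status and run_probe are made up for this example.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from the thread).

# Probe string as quoted in Bernhard Voelker's message.
PROBE='f() { x() { _;}; x() { _;} <<a; }'

# classify_status STATUS
# Prints one token describing an exit status. By shell convention a status
# above 128 means the child was terminated by signal (STATUS - 128).
classify_status() {
    status=$1
    if [ "$status" -eq 0 ]; then
        echo "clean"
    elif [ "$status" -gt 128 ]; then
        sig=$((status - 128))
        case "$sig" in
            11) echo "crash:SIGSEGV" ;;
            6)  echo "crash:SIGABRT" ;;
            *)  echo "crash:signal-$sig" ;;
        esac
    else
        echo "error:exit-$status"
    fi
}

# run_probe [SHELL_BINARY]
# Runs the probe in a child process of the given shell (default: bash)
# and classifies how that child ended.
run_probe() {
    shell_bin=${1:-bash}
    if ! command -v "$shell_bin" >/dev/null 2>&1; then
        echo "skipped:no-$shell_bin"
        return 0
    fi
    rc=0
    # "|| rc=$?" keeps the function usable under "set -e".
    "$shell_bin" -c "$PROBE" >/dev/null 2>&1 || rc=$?
    classify_status "$rc"
}

echo "bash parser probe: $(run_probe bash)"
```

A "crash:SIGSEGV" result corresponds to the "Segmentation fault" output shown in the thread; it reports a parser crash and says nothing by itself about the other CVEs listed by the test script.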