Linked Questions

Ask Question
15 questions linked to/from When was the shellshock (CVE-2014-6271/7169) bug introduced, and what is the patch that fully fixes it?
Hot Newest Score Active Unanswered
-1 votes
1 answer
201 views

We have over 10000 servers to patch for bash vulnerability (shellshock) bug. Now my question is what is the command to patch this bug ? And how we can check whether the patch has been installed and ...
Srv's user avatar
  • 13
250 votes
5 answers
116k views

There is apparently a vulnerability (CVE-2014-6271) in bash: Bash specially crafted environment variables code injection attack I am trying to figure out what is happening, but I'm not entirely sure ...
jippie's user avatar
  • 14.6k
74 votes
4 answers
43k views

I thought this would be simple - but it is proving more complex than I expected. I want to iterate through all the files of a particular type in a directory, so I write this: #!/bin/bash for fname ...
symcbean's user avatar
  • 6,359
27 votes
7 answers
13k views

A few times when I read about programming I came across the "callback" concept. Funnily, I never found an explanation I can call "didactic" or "clear" for this term "callback function" (almost any ...
user avatar
24 votes
3 answers
5k views

There's a similar question that deals with the 'wrapping' scenario, where you want to replace for example cd with a command that calls the builtin cd. However, in light of shellshock et al and ...
falstro's user avatar
  • 433
14 votes
1 answer
9k views

read -p "Enter yes/no " SOMEVAR SOMEVAR=`"echo ${SOMEVAR,,}"` The code above gives me a ${SOMEVAR,,}: bad substitution error.
Hitanshu Sachania's user avatar
  • 347
19 votes
1 answer
1k views

Since this bug affects so many platforms, we might learn something from the process by which this vulnerability was found: was it an εὕρηκα (eureka) moment or the result of a security check? Since we ...
Faheem Mitha's user avatar
  • 36.1k
7 votes
2 answers
11k views

I am reading this post on using functions in bash shell variables. I observe that to use shell functions, one has to export them and execute them in a child shell as follows: $ export foo='() { echo "...
Jake's user avatar
  • 1,423
5 votes
3 answers
41k views

Can commands be written to a logfile before they were executed in any shells? I know there is a patch for ssh to log all commands from ssh sessions, but i want to log even commands executed from a ...
sodan's user avatar
  • 51
6 votes
3 answers
3k views

I want to execute a Bash function at a scheduled time. I think the right tool for this is the at command. However, it doesn't seem to be working. function stupid () { date } export -f stupid ...
Nick Chammas's user avatar
  • 165
5 votes
3 answers
5k views

I am trying to understand what could be the security concern of CVE-2014-6271 and all the links I see just gives me the below command. env x='() { :;}; echo vulnerable' bash -c "echo this is a test" ...
Ramesh's user avatar
  • 40.6k
7 votes
1 answer
3k views

Over the years I've collected sort of a library of bash functions the shell and scripts refer to. To decrease the import boilerplate, I'm exploring options how to reasonably include the library in ...
laur's user avatar
  • 814
1 vote
1 answer
4k views

Note that this question is definitely not a duplicate of: When was the shellshock (CVE-2014-6271/7169) bug introduced, and what is the patch that fully fixes it? According to: https://security-...
Cedric Martin's user avatar
  • 2,907
1 vote
1 answer
2k views

We have several Amazon servers. It has bash version 4.1.2. Kaspersky claims that all bash versions up to 4.3 are unsafe. When I do this test... env x='() { :;}; echo vulnerable' bash -c 'echo hello' ....
SPRBRN's user avatar
  • 1,125
0 votes
1 answer
813 views

I asked a related question on defining and using shell functions in bash. In this question I want to ask specifically which way of defining function can lead to shellshock. I did some tests and I want ...
Jake's user avatar
  • 1,423