shellshocker
shellshocker copied to clipboard
wreiske
The code behind https://shellshocker.net/
Debian squeeze-lts here. I'd like to stick to the repository packages when they've patched the vulnerabilities. How can I revert the changes made by shellshocker fix script?
Would you please remove the suggestion to pipe the output of curl directly into bash? This is a very bad security practice. To prove this, please see my example here:...
Without a License it's unclear who can legally use the shellshocker code and how.
For your reference: http://bugs.centos.org/view.php?id=4582 https://bugzilla.redhat.com/show_bug.cgi?id=482826 The latest Shellshocker patch triggers this bug. In short, "/etc/sysconfig/network-scripts/network-functions" does not work under bash 4.x - which is applied as part of the Shellshocker...
This will check if the server is running cPanel, then it will check if WGET has HTTPS support, if it doesn't it will remove the current WGET RPM and install...
env: Ubuntu 14.04 LTE I tried the command curl https://shellshocker.net/fixbash | sh and finished the patch. But using a known test script it still showed CVE-2014-7186 was not fixed yet....
Only some of the static public facing content is in this report and not actually the /shock file. So the website is still a "black box".
