[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bash-3.1, Shellshock issue, specially CVE-2014-7187.

From: yutingkao23
Subject: bash-3.1, Shellshock issue, specially CVE-2014-7187.
Date: Fri, 14 Nov 2014 14:25:13 +0800

Configuration Information [Automatically generated, do not change]:
Machine: i686
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS:  -DPROGRAM='bash' -DCONF_HOSTTYPE='i686' 
-DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='i686-pc-linux-gnu' -$
uname output: Linux yutingkao23-desktop 2.6.32-38-generic #83-Ubuntu SMP Wed 
Jan 4 11:13:04 UTC 2012 i686 GNU/Linux
Machine Type: i686-pc-linux-gnu

Bash Version: 3.1
Patch Level: 23
Release Status: release

        Where I test `(for x in {1..200} ; do echo "for x$x in ; do :"; done; 
for x in {1..200} ; do echo done ; done) | bas$
        It shows
                bash: line 46: syntax error near unexpected token `;'
                bash: line 46: `for x46 in ; do :'
                CVE-2014-7187 vulnerable, word_lineno" 

        Does bash-3.1 with patch 23 fix the CVE-2014-7187 already ?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]