一、检测方法
1、redhat、centos
运行命令:$ sudo env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
如果返回以下内容:则请尽快升级。
vulnerable
this is test
二、解决方案--升级bash
1、redhat、centos
运行:
#yum clean all
#yum -y update bash
2.debian、ubuntu
运行:
$sudo apt-get update
$sudo apt-get upgrade
最后测试(以ubuntu为例):
test@bogon:~$ sudo env x="() { :;}; echo vulnerable" bash -c "echo this is test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is test
1、redhat、centos
运行命令:$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
运行命令:$ sudo env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
如果返回以下内容:则请尽快升级。
vulnerable
this is test
二、解决方案--升级bash
1、redhat、centos
运行:
#yum clean all
#yum -y update bash
2.debian、ubuntu
运行:
$sudo apt-get update
$sudo apt-get upgrade
最后测试(以ubuntu为例):
test@bogon:~$ sudo env x="() { :;}; echo vulnerable" bash -c "echo this is test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is test
返回以上内容表示已升级成功
938
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
