Posted on

Shellshock

Vulnerability in Bash

The so-called “shellshock” bug is a vulnerability found in bash which might become a really big issue for a lot of systems. In general bash can be found on a lot of Linux and Mac systems and therefore a lot of potential vulnerable systems.

Here the link to the CERT where you will find updates for the most important systems:
CERT

A very good explanation can be found on Troyhunt

Testing your own server can be easily done by executing:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"