echo "Testing Exploit 1 (CVE-2014-6271)"
CVE6271="$(env x='() { :;}; echo -n V' bash -c : 2>/dev/null)"
[ "${CVE7187}" == "V" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"
echo "Testing Exploit 2 (CVE-2014-7169)"
CVE7169="$(env X='() { (4lpi.com)=>\' bash -c "echo date" 2>/dev/null; cat echo
2>/dev/null; rm -f echo)"
[ ! "${CVE7169}" == "date" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"
echo "Testing Exploit 3 (CVE-2014-6277)"
CVE6277="$(env -i X=' () { }; echo -n V' bash -c :)"
[ "${CVE6277}" == "V" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"
echo "Testing Exploit 4 (CVE-2014-7186)"
CVE7186="$(bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF
<<EOF <<EOF <<EOF <<EOF <<EOF' 2>/dev/null ||echo -n V)"
[ "${CVE7186}" == "V" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"
echo "Testing Exploit 5 (CVE-2014-7187)"
CVE7187="$((for x in {1..200}; do echo "for x$x in ; do :"; done; for x in
{1..200}; do echo done; done) |bash 2>/dev/null ||echo -n V)"
[ "${CVE7187}" == "V" ] && echo "VULNERABLE" || echo "NOT VULNERABLEā
Good luck ;-)
On Sep 30, 2014, at 13:54, Jung-uk Kim <j...@freebsd.org> wrote:
> On 2014-09-29 12:13:15 -0400, Bryan Drewery wrote:
>> On 9/29/2014 11:01 AM, Mike Tancsa wrote:
>>> On 9/26/2014 5:01 PM, Bryan Drewery wrote:
>>>> On 9/26/2014 12:41 PM, Bryan Drewery wrote:
>>>>> On 9/26/2014 11:51 AM, Bryan Drewery wrote:
>>>>>> On 9/26/2014 11:46 AM, Bartek Rutkowski wrote:
>>>>>>> Apparently, the full fix is still not delivered, accordingly to this:
>>>>>>> http://seclists.org/oss-sec/2014/q3/741
>>>>>>>
>>>>>>> Kind regards,
>>>>>>> Bartek Rutkowski
>>>>>>>
>>>>>>
>>>>>> I'm pretty sure they call that a "feature". This is a bit different.
>>>>
>>>> I've disabled environment function importing in the port. Using
>>>> --import-functions will allow it to work if you need it.
>>>
>>> Hi Bryan,
>>> With the latest ports, bashcheck still sees some issues with bash.
>>> Are these false positives on FreeBSD ?
>>>
>>> Using
>>> https://raw.githubusercontent.com/hannob/bashcheck/master/bashcheck
>>>
>>> Not vulnerable to CVE-2014-6271 (original shellshock)
>>> Not vulnerable to CVE-2014-7169 (taviso bug)
>>> ./bashcheck: line 18: 54908 Segmentation fault (core dumped) bash
>>> -c "true $(printf '<<EOF %.0s' {1..79})" 2> /dev/null
>>> Vulnerable to CVE-2014-7186 (redir_stack bug)
>>> Test for CVE-2014-7187 not reliable without address sanitizer
>>> Variable function parser inactive, likely safe from unknown parser bugs
>>>
>>> ---Mike
>>
>> Yes we have not applied the RedHat fix for CVE-2014-7186 or CVE-2014-7187.
>
> Applying the first patch for parse.y from the following post passed the
> tests for me.
>
> http://www.openwall.com/lists/oss-security/2014/09/25/32
>
> In fact, all major Linux distros seem to use it now.
>
> FYI,
>
> Jung-uk Kim
> _______________________________________________
> freebsd-secur...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
--
Jason Hellenthal
Mobile: +1 (616) 953-0176
jhellent...@dataix.net
JJH48-ARIN
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
