bash-3.1, Shellshock issue, specially CVE-2014-7187.

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bash-3.1, Shellshock issue, specially CVE-2014-7187.

From:	yutingkao23
Subject:	bash-3.1, Shellshock issue, specially CVE-2014-7187.
Date:	Fri, 14 Nov 2014 14:25:13 +0800

Configuration Information [Automatically generated, do not change]:
Machine: i686
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS:  -DPROGRAM='bash' -DCONF_HOSTTYPE='i686' 
-DCONF_OSTYPE='linux-gnu' -DCONF_MACHTYPE='i686-pc-linux-gnu' -$
uname output: Linux yutingkao23-desktop 2.6.32-38-generic #83-Ubuntu SMP Wed 
Jan 4 11:13:04 UTC 2012 i686 GNU/Linux
Machine Type: i686-pc-linux-gnu

Bash Version: 3.1
Patch Level: 23
Release Status: release

Description:
        Where I test `(for x in {1..200} ; do echo "for x$x in ; do :"; done; 
for x in {1..200} ; do echo done ; done) | bas$
        It shows
                bash: line 46: syntax error near unexpected token `;'
                bash: line 46: `for x46 in ; do :'
                CVE-2014-7187 vulnerable, word_lineno" 

        Does bash-3.1 with patch 23 fix the CVE-2014-7187 already ?

Repeat-By:
        Everytime

[Prev in Thread]

Current Thread

[Next in Thread]

bash-3.1, Shellshock issue, specially CVE-2014-7187., yutingkao23 <=
- Re: bash-3.1, Shellshock issue, specially CVE-2014-7187., Eric Blake, 2014/11/14
- Re: bash-3.1, Shellshock issue, specially CVE-2014-7187., Chet Ramey, 2014/11/14
- Re: bash-3.1, Shellshock issue, specially CVE-2014-7187., Vettel_Kao高毓廷, 2014/11/17

Prev by Date: Tab completion and ':'s
Next by Date: Re: set -o notify spurious CR when jobs redirected to file
Previous by thread: Tab completion and ':'s
Next by thread: Re: bash-3.1, Shellshock issue, specially CVE-2014-7187.
Index(es):
- Date
- Thread