[aklug] really good checker for all known shellshock / bash bug variants

From: Royce Williams <royce@tycho.org>
Date: Fri Oct 03 2014 - 10:44:12 AKDT

https://github.com/hannob/bashcheck/blob/master/bashcheck

$ ./bashcheck
Testing /bin/bash ...
GNU bash, version [redacted]

Variable function parser inactive, bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Found non-exploitable CVE-2014-6277 (lcamtuf bug #1)
Not vulnerable to CVE-2014-6278 (lcamtuf bug #2)

Royce
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Fri Oct 3 10:45:07 2014

This archive was generated by hypermail 2.1.8 : Fri Oct 03 2014 - 10:45:07 AKDT