MiracleLinux 4 : bash-4.1.2-15.AXS4.2 (AXSA:2014-554:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-554:02 advisory. Description : The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporat...

shellshocker-pocs

This repository contains a collection of Proof of Concepts PoCs and potential targets for the Shellshock vulnerability, also known as Bash Bug. The vulnerability affects the Bash shell and allows an attacker to execute arbitrary code by injecting malicious environment variables. The repository...

McAfee Email Gateway - Bash Shellshock Code Injection Exploit

A number of security vulnerabilities have been identified in the bash SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PHP 5.x / Bash Shellshock Proof of Concept

This is a proof of concept that demonstrates how the Bash shellshock vulnerability can be used in PHP to bypass disablefunctions, safemode, etc...

Privacy Criticism Hits OSX Yosemite over Location Data

Apple has fixed a huge number of security vulnerabilities in OS X and iTunes and, at the same time, is being hit with criticisms about privacy issues in the new version of OS X. The latest version of the operating system, known as Yosemite, sends location information to Apple by default via the...

Bash Shellshock vulnerability simply explained-vulnerability warning-the black bar safety net

Preface The national day before the analysis of this vulnerability,see the security reference for readers to discuss,made a simple Bash Shellshock vulnerability description. Vulnerability overview Vulnerability the principle of popular point that is to bash the language in the definition of a...

CA20141001-01: Security Notice for Bash Shellshock Vulnerability

CA20141001-01: Security Notice for Bash Shellshock Vulnerability Issued: October 01, 2014 Updated: October 03, 2014 CA Technologies is investigating multiple GNU Bash vulnerabilities, referred to as the "Shellshock" vulnerabilities, which were publicly disclosed on September 24-27, 2014. CVE...

USN-2380-1 bash vulnerabilities

Michal Zalewski discovered that Bash incorrectly handled parsing certain function definitions. If an attacker were able to create an environment variable containing a function definition with a very specific name, these issues could possibly be used to bypass certain environment restrictions and...

Dennis Fisher and Mike Mimoso Discuss Bash, Shellshock and BadUSB

Dennis Fisher and Mike Mimoso talk about the Bash Shellshock bug nightmare and the BadUSB code release. Download: digitalunderground169.mp3 Music by Chris Gonsalves...

Bash Remote Code Execution (Shellshock)

The remote host is running a version of Bash that is vulnerable to command injection via environment variable manipulation. Depending on the configuration of the system, an attacker could remotely execute arbitrary code. TRUSTED...