CESA-2014:1293 Critical CentOS 6 bash Security Update
http://lists.centos.org/pipermail/centos-announce/2014-September/020585.html
SSH bash紧急安全补丁!重要!
测试是否存在漏洞,执行以下命令:
env t='() { :;}; echo You are vulnerable.’ bash -c "true"
如果显示You are vulnerable,很遗憾,必须立即打上安全补丁修复
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
CESA-2014:1293 Critical CentOS 6 bash Security Update
http://lists.centos.org/pipermail/centos-announce/2014-September/020585.html
———————————————————————–
让我们看一下Centos6.5
[root@kinggoo.com~]# cat /etc/redhat-release CentOS release 6.5 (Final)
更新bash
[root@kinggoo.com ~]# yum update bash
更新命令及ldconfig后,在去使用测试命令
[root@kinggoo.com ~]# ldconfig
[root@kinggoo.com ~]# env t='() { :;}; echo You are vulnerable.' bash -c "true"
- THE END -
Category: Linux
https://access.redhat.com/articles/1200223