ShellShock – JRevell.com

BASH Vulnerability – ShellShock

October 11, 2014December 10, 2014PersonalNo Comments

Last month I blogged about the newest vulnerability in BASH. This has an official name now “ShellShock” and looks to be exploited in the wild with the botnet Mayhem which is aimed towards Linux systems. Unfortunately it’s not just web servers which are vulnerable. There’s lots of devices out there…

Remote Vulnerability in BASH

September 25, 2014December 10, 2014ComputersNo Comments

There’s been a report of a new code injection attack in Linux, using environment variables. In order to test to see if your system is vulnerable, run the following code from SSH: env x='() { :;}; echo vulnerable' bash -c "echo this is a test" If your OK, you should…