not getting the right response to vulnerability test

Bob Scott sandcastlebob at gmail.com
Sun Oct 5 11:33:28 UTC 2014


I used "env x='() { :;}; echo vulnerable' bash -c 'echo hello'", discovered
I was vulnerable then performed upgrade. The subsequent test results in the
response "hello" without the bash statements:

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'

Does the absence of "vulnerable" mean the updating was successful?

I am using Kubuntu 14.04

Thanks,
Bob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kubuntu-users/attachments/20141005/59b0d2c1/attachment.html>


More information about the kubuntu-users mailing list