Thread: Sailfish OS bash shell is affected by the #shellshock bug
View Single Post
szopin is offline szopin
2014-09-25 , 19:21
Posts: 2,076 | Thanked: 3,268 times | Joined on Feb 2011
#21
Originally Posted by pichlo View Post
Just tested on my N900 (Bash4).
Code:
~ $ env x='() { :;}; echo vulnerable'  
bash -c "echo this is a test"
vulnerable
this is a test
~ $
So just uninstall bash, busybox with sh is safe

Probably more worrying for n900 is the apt-get vulnerability (do you apt-get upgrade vulnerable apt-get to get safe apt-get???), didn't see a thread about it:
https://lists.debian.org/debian-secu.../msg00212.html
https://lists.debian.org/debian-secu.../msg00216.html
https://lists.debian.org/debian-secu.../msg00219.html
Last edited by szopin; 2014-09-25 at 20:10.
 

The Following 2 Users Say Thank You to szopin For This Useful Post: