Created on 10-17-2016 06:46 AM Edited on 04-06-2022 10:21 AM By Anonymous
Description
Here is an explanation of how the vulnerability works:
http://seclists.org/oss-sec/2014/q3/650
1 - Please SSH into the Console of AO (Super, Worker, or Collector) as root
2 - Run the following Command:
vulnerable
this is a test
1 - cd /etc/yum.repos.d
2 - cp ../yum.repos.d.orig/CentOS-* /etc/yum.repos.d/
3 - yum update bash -y
4 - Test Again: env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
NOTE: Latest Bash patch will have the following result only:
this is a test
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.