Tavis Ormandy on Twitter: "The bash patch seems incomplete to me, function parsing is still brittle. e.g. $ env X='() { (a)=&ampampampampampampampampampampampampampampampampampampampampampampampampampampampampgt;\' sh -c "echo date"; cat echo" / Twitter - discu.eu

Reddit

Bash still vulnerable after update? https://twitter.com/taviso/status/514887394294652929 3 comments 24/9/2014 sysadmin

Linking pages

Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271, CVE-2014-7169) - Red Hat Customer Portal https://access.redhat.com/articles/1200223 4 comments
GitHub - hannob/bashcheck: test script for shellshocker and related vulnerabilities https://github.com/hannob/bashcheck 3 comments

Related searches:

Search whole site: site:twitter.com

Search title: Tavis Ormandy on Twitter: "The bash patch seems incomplete to me, function parsing is still brittle. e.g. $ env X='() { (a)=&ampampampampampampampampampampampampampampampampampampampampampampampampampampampampgt;\' sh -c "echo date"; cat echo" / Twitter

See how to search.

Submit link to: