关联漏洞
标题:
GNU Bash 远程代码执行漏洞
(CVE-2014-6271)
描述:GNU Bash是美国软件开发者布莱恩-福克斯(Brian J. Fox)为GNU计划而编写的一个Shell(命令语言解释器),它运行于类Unix操作系统中(Linux系统的默认Shell),并能够从标准输入设备或文件中读取、执行命令,同时也结合了一部分ksh和csh的特点。 GNU Bash 4.3及之前版本中存在安全漏洞,该漏洞源于程序没有正确处理环境变量值内的函数定义。远程攻击者可借助特制的环境变量利用该漏洞执行任意代码。以下产品和模块可能会被利用:OpenSSH sshd中的ForceComman
描述
Collected fixes for bash CVE-2014-6271
介绍
CVE-2014-6271 patches for bash
The original mailing list post only lets you fetch the patches over
unauthenticated HTTP. *Sigh*
I've downloaded these over HTTP and put them into a git repository that you can
fetch over HTTPS and check independently.
I have not checked whether these files are authentic, but you can check
independently whether you have the same files.
- [Original announcement](announcement.txt)
- [SHA256SUMS](SHA256SUMS)
== Upstream patches ==
Retrieved from `http://ftp.gnu.org/pub/gnu/bash/bach-*-patches/`
- [upstream/bash30-017](upstream/bash30-017)
- [upstream/bash31-018](upstream/bash31-018)
- [upstream/bash32-052](upstream/bash32-052)
- [upstream/bash40-039](upstream/bash40-039)
- [upstream/bash41-012](upstream/bash41-012)
- [upstream/bash42-048](upstream/bash42-048)
- [upstream/bash43-025](upstream/bash43-025)
== Debian ==
Retrieved using apt-get source bash (version 4.2+dfsg-0.1+deb7u1). I'm not
sure if apt did a gpg signature check on this.
- [debian/CVE-2014-6271.diff](debian/CVE-2014-6271.diff)
== My own patches ==
- [dlitz/CVE-2014-6271\_4.3-9.diff](dlitz/CVE-2014-6271_4.3-9.diff)
- This is bash43-025 applied to Debian bash 4.3-9 (from sid)
== SHA256SUMS ==
- [SHA256SUMS](SHA256SUMS)
<pre>
427c3ba3e0d6ea29b8ddbfc2fa48f0f90fbd68d38501a409ba0beb73840245d3 upstream/bash30-017
80f15b2719f3acd746edbe828f23b80116ca033b870120301256131eaa5050b3 upstream/bash31-018
a0eccf9ceda50871db10d21efdd74b99e35efbd55c970c400eeade012816bb61 upstream/bash32-052
09de2a4309fdcdff470754357073b6e9b1e4662add5981888acba27a53954a1e upstream/bash40-039
272e24a9a2802e896b20dae7c88d6a34b8dc89692c9bc90542cd4bda77607b6d upstream/bash41-012
751a5d2330b21ac9aba7323acbbc91c948285f30a4bb41f56796f9a36b983d24 upstream/bash42-048
1e5186f5c4a619bb134a1177d9e9de879f3bb85d9c5726832b03a762a2499251 upstream/bash43-025
a197e03ea8e39d7f0cda14367bae1e5880384d50235516dfcd20921dc3810e57 debian/CVE-2014-6271.diff
</pre>
文件快照
[4.0K] /data/pocs/869637617971779d6a284409e48329025dc36ff6
├── [4.2K] announcement.txt
├── [4.0K] debian
│ └── [2.5K] CVE-2014-6271.diff
├── [4.0K] dlitz
│ └── [3.5K] CVE-2014-6271_4.3-9.diff
├── [1.9K] README.md
├── [ 874] SHA256SUMS
└── [4.0K] upstream
├── [3.2K] bash30-017
├── [3.1K] bash31-018
├── [3.2K] bash32-052
├── [3.2K] bash40-039
├── [3.2K] bash41-012
├── [3.2K] bash42-048
└── [3.8K] bash43-025
3 directories, 12 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。