Context Navigation

bashcheck @ 105afb5

Last change on this file since 105afb5 was c5c522c, checked in by Edwin Eefting <edwin@datux.nl>, 8 years ago
initial commit, transferred from cleaned syn3 svn tree
Property mode set to `100755`
File size: 1.4 KB

Rev	Line
[c5c522c]	1	#!/bin/bash
	2
	3	r=`x="() { :; }; echo x" bash -c ""`
	4	if [ -n "$r" ]; then
	5	echo -e '\033[91mVulnerable to CVE-2014-6271 (original shellshock)\033[39m'
	6	else
	7	echo -e '\033[92mNot vulnerable to CVE-2014-6271 (original shellshock)\033[39m'
	8	fi
	9
	10	cd /tmp;rm echo 2>/dev/null
	11	X='() { function a a>\' bash -c echo 2>/dev/null > /dev/null
	12	if [ -e echo ]; then
	13	echo -e "\033[91mVulnerable to CVE-2014-7169 (taviso bug)\033[39m"
	14	else
	15	echo -e "\033[92mNot vulnerable to CVE-2014-7169 (taviso bug)\033[39m"
	16	fi
	17
	18	bash -c "true $(printf '<<EOF %.0s' {1..79})" 2>/dev/null
	19	if [ $? != 0 ]; then
	20	echo -e "\033[91mVulnerable to CVE-2014-7186 (redir_stack bug)\033[39m"
	21	else
	22	echo -e "\033[92mNot vulnerable to CVE-2014-7186 (redir_stack bug)\033[39m"
	23	fi
	24
	25	bash -c "`for i in {1..200}; do echo -n "for x$i in; do :;"; done; for i in {1..200}; do echo -n "done;";done`" 2>/dev/null
	26	if [ $? != 0 ]; then
	27	echo -e "\033[91mVulnerable to CVE-2014-7187 (nessted loops off by one)\033[39m"
	28	else
	29	echo -e "\033[96mTest for CVE-2014-7187 not reliable without address sanitizer\033[39m"
	30	fi
	31
	32	r=`a="() { echo x;}" bash -c a 2>/dev/null`
	33	if [ -n "$r" ]; then
	34	echo -e "\033[93mVariable function parser still active, likely vulnerable to yet unknown parser bugs like CVE-2014-6277 (lcamtuf bug)\033[39m"
	35	else
	36	echo -e "\033[92mVariable function parser inactive, likely safe from unknown parser bugs\033[39m"
	37	fi
	38

Note: See TracBrowser for help on using the repository browser.