近日,Red Hat的安全团队发现一个高危漏洞Shellshock。
附:https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
本地测试:
>env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
如果输出:
vulnerable
this is a test
...