Just another site

Subgraph Vega module for Bash Environment Variable OS Command Injection Vulnerability (CVE-2014-6271)


The Subgraph Blog

Today, a critical and trivially remotely exploitable vulnerability was announced in bash. To help users of our Vega web application scanner to identify this vulnerability, we have a released a basic standalone module to detect this vulnerability in web applications.

The module works by testing some HTTP header values and also checks web application parameters. This should be adequate to detect this vulnerability in CGI setups where HTTP header values are turned into bash environment variables but it should also detect cases where user-supplied input is passed through functions that spawn subshells such as system(), exec(), popen() in various languages. We will refine the module as more information becomes available and we are able to test it more.

This module is a good example of the power of Vega to quickly create proofs-of-concept in Javascript using the powerful API.

The module can be obtained here. It can be…

View original post 40 more words


Written by meditationatae

September 24, 2014 at 11:48 pm

Posted in History

%d bloggers like this: