Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 28 Sep 2014 16:04:55 -0500
From:      Mark Felder <feld@FreeBSD.org>
To:        freebsd-questions@freebsd.org
Subject:   Re: BASH Shellshock and FreeBSD 4.X
Message-ID:  <1411938295.1187673.172706457.3022C573@webmail.messagingengine.com>
In-Reply-To: <CAFBwhDY-dmS476OPWEBnj=TtywDQnCA8scOEmWdoxQwB_KNb6g@mail.gmail.com>
References:  <CAFBwhDY-dmS476OPWEBnj=TtywDQnCA8scOEmWdoxQwB_KNb6g@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help


On Sun, Sep 28, 2014, at 15:59, Everett Batey wrote:
> Severely stuck in Time - OLD FBSD .. any bright ideas around /bin/bash
> risks AND NOT DONT TELL ME UPDATE FBSD .. - Dependencies I can NOT
> escape ..
> 

Is bash the default shell of the system? The default shell of any users
running exposed services? If not, it's not exploitable. Just having bash
installed doesn't make you vulnerable.

> On other hand for FreeBSD 9.1-RELEASE-p7 is there an equivalent of yum
> update bash?
> 

pkg upgrade bash



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1411938295.1187673.172706457.3022C573>