Shellshock - Bash Vulnerability Detector

Updated -

This script helps you confirm whether your system is susceptible to Bash code injection vulnerability.

Was this helpful?

We appreciate your feedback. Leave a comment if you would like to provide more detail.
It looks like we have some work to do. Leave a comment to let us know how we could improve.
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.

Get notified when this content is updated

Follow

Comments

Subscriber exclusive content

An active Red Hat subscription is required to participate.

Log In

This script doesn't seem to run ok on bash v2.05 (RHEL3, etc), any plans make it work on older bash versions?

Hi Timo,

Currently all versions of Bash v2.*(RHEL3) are vulnerable[1].

[1] - https://access.redhat.com/articles/1200223

Yes, but creating updated RPM with latest official patches from GNU Bash project was almost trivial, using latest bash SRPM from RHEL3 as starting point. And seems to fix the intended issues...
That's why I tested this script on old RHEL3 system, and notised the use of "=~" operator in the script...

Hi Timo,
I have updated the script and it should now run on RHEL3. Please let me know if you encounter any other problems.

Typo in the script :)
Vulnerable not vunerable