Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Bash vulnerability
Special Forums News, Links, Events and Announcements Bash vulnerability Post 302918691 by vbe on Thursday 25th of September 2014 04:29:56 AM
Old 09-25-2014
Im still half asleep at work but will keep an eye on it, interested to see how it can be exploited
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

passing variable from bash to perl from bash script

Hi All, I need to pass a variable to perl script from bash script, where in perl i am using if condition. Here is the cmd what i am using in perl FROM_DATE="06/05/2008" TO_DATE="07/05/2008" "perl -ne ' print if ( $_ >="$FROM_DATE" && $_ <= "$TO_DATE" ) ' filename" filename has... (10 Replies)
Discussion started by: arsidh
10 Replies

2. Shell Programming and Scripting

bash and ksh: variable lost in loop in bash?

Hi, I use AIX (ksh) and Linux (bash) servers. I'm trying to do scripts to will run in both ksh and bash, and most of the time it works. But this time I don't get it in bash (I'm more familar in ksh). The goal of my script if to read a "config file" (like "ini" file), and make various report.... (2 Replies)
Discussion started by: estienne
2 Replies

3. Shell Programming and Scripting

how to make your bash script run on a machine with csh and bash

hi, i have a script that runs on bash and would like to run it on a machine that has csh and bash. the default setting on that machine is csh. i dont want to change my code to run it with a csh shell. is there any way i can run the script (written in bash) on this machine? in other words is there... (3 Replies)
Discussion started by: npatwardhan
3 Replies

4. UNIX for Dummies Questions & Answers

Im new to bash scriping and i found this expression on a bash script what does this mean.

# check host value regex='^(||1|2|25)(\.(||1|2|25)){3}$' if ')" != "" ]; then if ]; then echo host $host not found exit 4 fi elif ]; then echo $host is an invalid host address exit 5 fi espeacailly the top regex part? ---------- Post updated at 06:58 PM ---------- Previous update was... (1 Reply)
Discussion started by: kevin298
1 Replies

5. Solaris

Solaris bash vulnerability update

The patch blog has: https://blogs.oracle.com/patch/entry/solaris_idrs_available_on_mos information on dealing with bash 'shellshock' vulnerability. (3 Replies)
Discussion started by: jim mcnamara
3 Replies

6. Shell Programming and Scripting

Bash to select text and apply it to a selected file in bash

In the bash below I am asking the user for a panel and reading that into bed. Then asking the user for a file and reading that into file1.Is the grep in bold the correct way to apply the selected panel to the file? I am getting a syntax error. Thank you :) ... (4 Replies)
Discussion started by: cmccabe
4 Replies

7. Shell Programming and Scripting

How to run several bash commands put in bash command line?

How to run several bash commands put in bash command line without needing and requiring a script file. Because I'm actually a windows guy and new here so for illustration is sort of : $ bash "echo ${PATH} & echo have a nice day!" will do output, for example:... (4 Replies)
Discussion started by: abdulbadii
4 Replies

8. Shell Programming and Scripting

Different behavior between bash shell and bash script for cmd

So I'm trying to pass certain json elements as env vars and use them later on in a script. Sample json: JSON='{ "Element1": "file-123456", "Element2": "Name, of, company written in, a very weird way", "Element3": "path/to/some/file.txt", }' (part of the) script: for s... (5 Replies)
Discussion started by: da1
5 Replies

9. UNIX for Beginners Questions & Answers

Escape bash-special character in a bash string

Hi, I am new in bash scripting. In my work, I provide support to several users and when I connect to their computers I use the same admin and password, so I am trying to create a script that will only ask me for the IP address and then connect to the computer without having me to type the user... (5 Replies)
Discussion started by: arcoa05
5 Replies

10. UNIX for Beginners Questions & Answers

In Bash shell - the ps -ef shows only the /bin/bash but the script name is not displayed

In Bash shell - the ps -ef shows only the /bin/bash but the script name is not displayed ? Is there any way to get the script names for the process command ? --- Post updated at 08:39 AM --- in KSH (Korn Shell), my command output shows the script names but when run in the Bash Shell... (3 Replies)
Discussion started by: i4ismail
3 Replies

LEARN ABOUT DEBIAN

rats

RATS(1) 						      General Commands Manual							   RATS(1)

NAME

       rats - Rough Auditing Tool for Security

SYNOPSIS

       rats [options] [file]...

DESCRIPTION

       rats  is  a  rough auditing tool for security developed by Secure Software, Inc.  It is a tool for scanning C, Perl, PHP, and Python source
       code and flagging common security related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use)  race  condi-
       tions.	As  its  name  implies,  the  tool performs only a rough analysis of source code.  It will not find every error and will also find
       things that are not errors.  Manual inspection of your code is still necessary, but greatly aided with this tool.

       When started, RATS will scan each file or each file in the directory specified on the command line and produce a report	when  scanning	is
       complete.   What  vulnerabilities  are reported in the final report depend on the data contained in the vulnerability database or databases
       that are used and the warning level in use.

       For each vulnerability, the list of files and line numbers where it occured is given, followed by a brief description of the  vulnerability
       and suggested action.

OPTIONS

       -h, --help
	      Displays a brief usage summary and exit.

       -a <fun>
	      Report any occurence of function 'fun' in the source file(s)

       -d <filename>, --database <filename>, --db <filename>
	      Specifies a vulnerability database to be loaded.	You may have multiple -d options and each database specified will be loaded.

       -i, --input
	      Causes a list of function calls that were used which accept external input to be produced at the end of the vulnerability report.

       -l <lang>, --language <language>
	      Force the specified language to be used regardless of filename extension.  Currently valid language names are "c", "perl", "php" and
	      "python".

       -r, --references
	      Causes references to vulnerable function calls that are not being used as calls themselves to be reported.

       -w <level>, --warning <level>
	      Sets the warning level. Valid levels are 1, 2 or 3.

	      1 includes only default and high severity.

	      2 includes medium severity (default).

	      3 includes low severity vulnerabilities.

       -x     Causes the default vulnerability databases (which are in the installation data directory, /usr/share/rats  by  default)  to  not	be
	      loaded.

       -R, --no-recurssion
	      Do not recurse subdirectories when encountered.

       --xml  Output in XML

       --html Output in HTML

       --follow-symlinks
	      Follow  symlinks	and treat them like whatever they are pointing to.  If the symlink points to a directory it will be descended into
	      unless -R is specified, if a pointing to a file, it will be treated as a file.

AUTHOR

       This manual page was orginally written by Adam Lazur <adam@lazur.org>, for the Debian GNU/Linux system (but may be used by others).

       Modified by Secure Software, Inc.

								September 17, 2001							   RATS(1)
All times are GMT -4. The time now is 03:25 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy