https://arolstar52-zhtest.hf.space/index.php?action=history&feed=atom&title=Shellshock
Shellshock - 版本历史
2026-06-26T17:03:58Z
在这个wiki上该页的修订历史
MediaWiki 1.43.8
https://arolstar52-zhtest.hf.space/index.php?title=Shellshock&diff=2464901&oldid=prev
imported>S8321414 来自 2023年11月29日 (三) 03:28
2023-11-29T03:28:06Z
<p></p>
<p><b>新页面</b></p><div>{{noteTA<br />
|G1=IT<br />
}}<br />
{{Expand language|en|time=2023-11-29T03:28:06+00:00}}<br />
{{Infobox bug<br />
| name = Shellshock<br />
| image = Shellshock-bug.png<br />
| image_size = 180px<br />
| caption = <br />
| CVE = {{CVE|2014-6271}},<br/>{{CVE|2014-6277}},<br/> {{CVE|2014-6278}},<br/> {{CVE|2014-7169}},<br/> {{CVE|2014-7186}},<br/> {{CVE|2014-7187}}<br />
| discovered = {{Start date and age|2014|9|12|df=yes}}<br />
| patched = {{Start date and age|2014|9|24|df=yes}}<br />
| discoverer = Stéphane Chazelas<br />
| affected software = [[Bash]] (1.0.3–4.3)<br />
| website =<br />
}}<br />
'''Shellshock''',又称'''Bashdoor'''<ref name="NYT-20140925-NP">{{cite news |last=Perlroth |first=Nicole |title=Security Experts Expect ‘Shellshock’ Software Bug in Bash to Be Significant |url=http://www.nytimes.com/2014/09/26/technology/security-experts-expect-shellshock-software-bug-to-be-significant.html |date=25 September 2014 |work=[[纽约时报|New York Times]] |accessdate=25 September 2014 |archive-date=2014-10-06 |archive-url=https://web.archive.org/web/20141006124701/http://www.nytimes.com/2014/09/26/technology/security-experts-expect-shellshock-software-bug-to-be-significant.html |dead-url=no }}</ref>,是在[[Unix]]中广泛使用的[[Bash|Bash shell]]中的一个[[安全漏洞]]<ref name="TSM-20140927">虽然一些消息来源将Shellshock称为“病毒”,但它其实是某些操作系统自带程序中的编写错误。参见 => {{cite web |author=Staff |title=What does the "Shellshock" bug affect? |url=http://www.thesafemac.com/what-does-the-shellshock-bug-affect/ |date=25 September 2014 |work=The Safe Mac |accessdate=27 September 2014 |archive-date=2014-09-29 |archive-url=https://web.archive.org/web/20140929053202/http://www.thesafemac.com/what-does-the-shellshock-bug-affect/ |dead-url=yes }}</ref>,首次于2014年9月24日公开。许多互联网[[守护进程]],如网页服务器,使用bash来处理某些命令,从而允许攻击者在易受攻击的Bash版本上[[任意代码执行|执行任意代码]]。这可使攻击者在未授权的情况下访问计算机系统<ref name="ZDN-20140929">{{cite web |last=Seltzer |first=Larry |title=Shellshock makes Heartbleed look insignificant |url=http://www.zdnet.com/shellshock-makes-heartbleed-look-insignificant-7000034143/ |date=29 September 2014 |work=[[ZD Net]] |accessdate=29 September 2014 |archive-date=2016-05-14 |archive-url=https://web.archive.org/web/20160514191755/http://www.zdnet.com/article/hackers-jump-on-the-shellshock-bash-bandwagon/ |dead-url=no }}</ref>。<br />
<br />
==歷史==<br />
==缺陷報告==<br />
<br />
== 参考 ==<br />
{{reflist|30em}}<br />
<br />
{{Portal bar|互联网}}<br />
<br />
{{Hacking}}<br />
<br />
[[Category:注入漏洞]]<br />
[[Category:互联网安全]]<br />
[[Category:程式錯誤]]</div>
imported>S8321414