Tag
bash
Safeguard articles tagged "bash" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
Shellshock (CVE-2014-6271) Explained: RCE Hiding in Bash Environment Variables
CVE-2014-6271, Shellshock, let attackers run commands by smuggling code into environment variables that Bash parsed as function definitions. Reachable over HTTP, DHCP, and SSH. Here is how.
Jul 5, 20265 min read
Incident Analysis
Shellshock, Five Years On: The Lessons That Stuck
Five years after CVE-2014-6271, Shellshock remains the clearest case study in how one interpreter bug becomes thousands of downstream holes.
Sep 24, 20196 min read