{"id":405,"date":"2014-09-27T00:14:25","date_gmt":"2014-09-26T15:14:25","guid":{"rendered":"http:\/\/blog.mamimu.me\/fishblue\/?p=405"},"modified":"2014-09-27T00:15:05","modified_gmt":"2014-09-26T15:15:05","slug":"shellshock%ef%bc%88bash%e3%81%ae%e8%84%86%e5%bc%b1%e6%80%a7%ef%bc%89cve-2014-6271","status":"publish","type":"post","link":"https:\/\/blog.mamimu.me\/fishblue\/?p=405","title":{"rendered":"ShellShock\uff08Bash\u306e\u8106\u5f31\u6027\uff09CVE-2014-6271"},"content":{"rendered":"<p>\u8d85\u5f29\u7d1a\u306e\u8106\u5f31\u6027\u304c\u767a\u898b\u3055\u308c\u307e\u3057\u305f\u3002<br \/>\n<a href=\"https:\/\/www.jpcert.or.jp\/at\/2014\/at140037.htmlhttp:\/\/\">GNU bash \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u6ce8\u610f\u559a\u8d77<\/a><\/p>\n<p>Bash\u306e\u8106\u5f31\u6027\u306a\u306e\u3067\u307b\u307c\u5168\u3066\u306eLinux\u306f\u5bfe\u8c61\u3067\u3059\u3002apache\u306a\u3069\u306eWEB\u30b5\u30fc\u30d0\u3092\u8d77\u52d5\u3057\u3066\u3044\u308b\u3068\u4f59\u8a08\u306b\u30de\u30ba\u3044\u3067\u3059\u3002<\/p>\n<p>\u4e00\u5fdc\u3001\u6628\u65e5\u3001\u672c\u65e5\u3067\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306f\u3057\u307e\u3057\u305f\u3002\uff08\u6628\u65e5\u306e\u30d1\u30c3\u30c1\u304c\u30a4\u30de\u30a4\u30c1\u306e\u3067\u304d\u3060\u3063\u305f\u306e\u3067\u672c\u65e5\u518d\u5ea6\u30d1\u30c3\u30c1\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u307e\u3057\u305f\uff09<br \/>\n\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3082\u7d42\u308f\u3063\u305f\u306e\u3067\u30ed\u30b0\u3092\u898b\u3066\u307f\u308b\u3068\u4ee5\u4e0b\u306e\u30ed\u30b0\u304c\u3042\u308a\u307e\u3057\u305f\u3002<br \/>\n209.126.230.72 &#8211; &#8211; [25\/Sep\/2014:12:22:15 +0900] &#8220;GET \/ HTTP\/1.0&#8221; 200 14 &#8220;() { :; }; ping -c 11 209.126.230.74&#8221; &#8220;shellshock-scan (ht<br \/>\ntp:\/\/blog.erratasec.com\/2014\/09\/bash-shellshock-scan-of-internet.html)&#8221;<\/p>\n<p>\u8106\u5f31\u6027\u306e\u3042\u308b\u30b5\u30a4\u30c8\u3092\u30c1\u30a7\u30c3\u30af\u3057\u3066\u308b\u306e\u304b\uff1f\u3068\u601d\u3063\u305f\u3093\u3067\u3059\u304c\u30fb\u30fb\u30fb<\/p>\n<p>http:\/\/blog.erratasec.com\u3092\u8abf\u3079\u308b\u3068\u82f1\u8a9e\u306e\u30b5\u30a4\u30c8\u306a\u3093\u3067\u3059\u304c\u5802\u3005\u3068\u8a18\u4e8b\u540d\u300cBash &#8216;shellshock&#8217; scan of the Internet\u300d\u3067\u30d6\u30ed\u30b0\u306b\u30a2\u30c3\u30d7\u3057\u3066\u308b\u3093\u3067\u3059\u3088\u306d\u3002<br \/>\nhttp:\/\/www.aguse.jp\u3067\u8abf\u3079\u308b\u3068\u30de\u30eb\u30a6\u30a7\u30a2\u306a\u3069\u3082\u4ed5\u8fbc\u3093\u3067\u306f\u3044\u306a\u3044\u3088\u3046\u3067\u3059\u3002<br \/>\nIP\u7ba1\u7406\u8005\u306fGoogle\u3067\u3057\u305f\u3002\uff08\u30d6\u30ed\u30b0\u3082\u30b0\u30fc\u30b0\u30eb\u30d6\u30ed\u30b0\u3067\u3057\u305f\uff09<\/p>\n<p>\u3060\u3068\u3059\u308b\u3068\u4f55\u304b\u4ed5\u8fbc\u3080\u305f\u3081\u306b\u30a2\u30af\u30bb\u30b9\u3057\u306b\u7740\u305f\u308f\u3051\u3067\u306f\u306a\u3044\uff1f\uff1f\uff1f<br \/>\n<script type=\"text\/javascript\"><!--\ngoogle_ad_client = \"ca-pub-9128529039742412\";\n\/* for wordpress *\/\ngoogle_ad_slot = \"0240515414\";\ngoogle_ad_width = 468;\ngoogle_ad_height = 60;\n\/\/-->\n<\/script><br \/>\n<script type=\"text\/javascript\"\nsrc=\"https:\/\/pagead2.googlesyndication.com\/pagead\/show_ads.js\">\n<\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u8d85\u5f29\u7d1a\u306e\u8106\u5f31\u6027\u304c\u767a\u898b\u3055\u308c\u307e\u3057\u305f\u3002 GNU bash \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u6ce8\u610f\u559a\u8d77 Bash\u306e\u8106\u5f31\u6027\u306a\u306e\u3067\u307b\u307c\u5168\u3066\u306eLinux\u306f\u5bfe\u8c61\u3067\u3059\u3002apache\u306a\u3069\u306eWEB\u30b5\u30fc\u30d0\u3092\u8d77\u52d5\u3057\u3066\u3044\u308b\u3068\u4f59\u8a08\u306b\u30de\u30ba\u3044\u3067\u3059\u3002 \u4e00\u5fdc\u3001\u6628\u65e5\u3001\u672c\u65e5\u3067\u30a2\u30c3<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,4],"tags":[],"class_list":["post-405","post","type-post","status-publish","format-standard","hentry","category-linux","category-4"],"_links":{"self":[{"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=\/wp\/v2\/posts\/405","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=405"}],"version-history":[{"count":0,"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=\/wp\/v2\/posts\/405\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=405"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=405"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mamimu.me\/fishblue\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=405"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}