CS 450/650 Fundamentals of Integrated Computer Security

Fall 2014

Lab 2 : Bash Vulnerability

Due on Tuesday, Oct 7 at 1:00 pm

Overview

In this lab you will investigate the recent vulnerability identified in the Bash shell. You would find the information in technical blogs and news articles.

1. Provide a brief overview of the vulnerability and how it can be exploited.

2. Provide a simple command to test vulnerability of a system. (You may test your own systems for vulnerability but avoid probing non-personal systems.)

3. Which Operating Systems are affected by the vulnerability? Are there non-PC devices that we should be concerned of?

4. How long has the vulnerability been present?

5. How long it took for patches to be deployed? Did they work?

What to turn in: A softcopy of your solutions (could be a scanned version of the hard copy of the solutions) to be uploaded to WebCT.