Patches debian flaw Shellshock

IKoula teams made debian packages available to the community for versions that are no longer supported, namely:

These packages include fixes for vulnerabilities:

CVE-2014-6271-> Shellshock v1, the first version of the exploit of the flaw
CVE-2014-7169-> Shellshock v2, the second
CVE-2014-6277 & CVE-2014-6278-> other two flaws put forward during the ShellShock fault resolution.

To apply the procedure is as follows:

Create a working directory: # mkdir shellshock
And place you inside: # cd shellshock
Rehome the packages to be updated on the basis of those already installed on your system (verifiable with ' dpkg-l | ") grep bash"), for example: # wget ftp://mirror03.ikoula.com/pub/flaws/ShellShock/lenny64/bash_3.2-4-ikl2_amd64.deb
Perform the installation of the package: # dpkg-I bash_3.2 - 4 - ikl2_amd64.deb
Then check your vulnerability to various faults via the corresponding commands:
- Shellshock v1: # x =' () {:;}; echo vulnerable' bash-c "echo this is a test"
 If the return is:
```
vulnerable
This is a test
```
 Then you are vulnerable.
 
 Otherwise you will get a return as:
```
This is a test
```
- Shellshock v2: < code > # rm - fv echo; env X =' () {(a) => \' bash-c-"echo echo vuln";} [["$(cat echo)" == "vuln"]] & echo "always vulnerable"
 If the return is:
```
bash: X: line 1: syntax error near unexpected token '='
bash: X: line 1: "
bash: error importing function definition for 'X'
always vulnerable
```
 Then you're always vulnerable.
 Otherwise you will get a return as:
```
echo vuln
Cat: echo: No such file or directory
```
- On the last two faults: # foo =' () {echo vulnerable;}' bash-c foo
 If the return is:
```
vulnerable
```
 Then you're still vulnerable
 
 Otherwise you will have this return:
```
bash: foo: command not found
```