Inasmuch as, there apparently is now a fuzz test script(courtesy of Michal
Zalewski, <
http://lcamtuf.blogspot.ie/2014/10/bash-bug-how-we-finally-cracked.html >
that identifies the bash bug...
I believe it would be interesting to measure the combinatorial coverage of
the fuzz tests. So we would
Hello Chet,
Re: testing for Shellshock... would like your feedback... specifically,
regarding the possibility of human-directed combinatorial testing to find this
Bash vulnerability...
Given the knowledge about Shellshock that's been developed, I'm wanting to
define more of the attack surface
