[GRLUG] CVE-2014-6271

Michael Mol mikemol at gmail.com
Wed Sep 24 16:24:01 EDT 2014


dhcpd passes client-provided values to shell scripts as environment variables. Also going to be a concern in CGI setups.

On September 24, 2014 3:08:42 PM EDT, Mark Farver <mfarver at mindbent.org> wrote:
>I think it is a stretch to label this remotely exploitable.  If an attacker
>has remote control of environment variables you have bigger problems.
>
>Mark
>On Sep 24, 2014 2:50 PM, "John Wesorick" <john at wesorick.com> wrote:
>
>> Ubuntu <http://www.ubuntu.com/usn/usn-2362-1/> and Debian
>> <https://lists.debian.org/debian-security-announce/2014/msg00220.html>
>> were patched as well.
>>
>> On Wed, Sep 24, 2014 at 2:44 PM, Kevin McCarthy <signals42 at gmail.com>
>> wrote:
>>
>>> Figured I'd pass this along to the mailing list since it looks quite
>>> serious:
>>>
>>> http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html
>>>
>>> Almost every Linux install is vulnerable to a potentially-remote
>>> execution exploit involving bash. I know it has been patched in Gentoo and
>>> RHEL. It's probably been fixed in most other distros by now, too. Time to
>>> patch!
>>>
>>> -Kevin
>>>
>>>
>>> _______________________________________________
>>> grlug mailing list
>>> grlug at grlug.org
>>> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
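
The top reply's point, that values chosen by a DHCP server or an HTTP client end up in the environment of a shell script, suggests a check a wrapper can run before a hook or CGI script starts. The following is an added example, not part of the original thread: it drops any variable whose value begins like an exported bash function definition (`() {`). The variable-name conventions and the sample environments are constructed assumptions.

```python
import re

# Affected bash versions treat an environment value that begins with "() {"
# as a function definition and parse it at startup. The pattern is slightly
# broader than that literal prefix (optional whitespace) to stay conservative.
FUNC_PREFIX = re.compile(r"^\s*\(\)\s*\{")

# Assumed naming conventions for variables a remote party can fill in:
# CGI request metadata (HTTP_* and friends) and dhclient-script style new_*/old_*.
REMOTE_NAMES = {"QUERY_STRING", "REMOTE_USER", "CONTENT_TYPE", "PATH_INFO"}

def is_remote_controlled(name):
    return name.startswith(("HTTP_", "new_", "old_")) or name in REMOTE_NAMES

def scrub_environment(env):
    """Return (clean_env, findings).

    clean_env omits every variable whose value looks like a function
    definition; findings lists (name, remote_controlled) for each one dropped.
    Legitimately exported functions are dropped too, which a hook or CGI
    script rarely depends on.
    """
    clean, findings = {}, []
    for name, value in env.items():
        if FUNC_PREFIX.match(value):
            findings.append((name, is_remote_controlled(name)))
            continue
        clean[name] = value
    return clean, findings

# Constructed samples: one header and one DHCP option carry a value shaped
# like a function definition; everything else is ordinary.
SAMPLE_CGI_ENV = {
    "PATH": "/usr/bin:/bin",
    "REQUEST_METHOD": "GET",
    "HTTP_HOST": "www.example.org",
    "HTTP_USER_AGENT": "() { :; }",
}
SAMPLE_DHCP_ENV = {
    "reason": "BOUND",
    "interface": "eth0",
    "new_ip_address": "192.0.2.10",
    "new_domain_name": "() { :; }",
}

if __name__ == "__main__":
    for label, env in (("cgi", SAMPLE_CGI_ENV), ("dhcp", SAMPLE_DHCP_ENV)):
        for name, remote in scrub_environment(env)[1]:
            print(f"{label}: dropped {name} (remote-controlled={remote})")
```

A filter like this is a stopgap for hosts that cannot be patched immediately; installing the distribution's fixed bash package removes the underlying parsing flaw.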