[GRLUG] CVE-2014-6271
Michael Mol
mikemol at gmail.com
Wed Sep 24 16:30:08 EDT 2014
Nah, not going to be surprised. But don't you have to successfully auth to get anything AcceptEnv passed along? And sshd downgrades privileges by that point.
On September 24, 2014 4:27:18 PM EDT, Kevin McCarthy <signals42 at gmail.com> wrote:
>Well, the BIG one is CGI scripts from a web server which passes data
>via
>environment variables. But OpenSSH could be vulnerable via TERM or
>anything
>in AcceptEnv. I think you'd be surprised how many attack vectors there
>are
>for this one.
>
>-Kevin
>
>On Wed, Sep 24, 2014 at 3:08 PM, Mark Farver <mfarver at mindbent.org>
>wrote:
>
>> I think it is a stretch to label this remotely exploitable. If an
>> attacker has remote control of environment variables you have bigger
>> problems.
>>
>> Mark
>> On Sep 24, 2014 2:50 PM, "John Wesorick" <john at wesorick.com> wrote:
>>
>>> Ubuntu <http://www.ubuntu.com/usn/usn-2362-1/> and Debian
>>>
><https://lists.debian.org/debian-security-announce/2014/msg00220.html>
>>> were patched as well.
>>>
>>> On Wed, Sep 24, 2014 at 2:44 PM, Kevin McCarthy
><signals42 at gmail.com>
>>> wrote:
>>>
>>>> Figured I'd pass this along to the mailing list since it looks
>quite
>>>> serious:
>>>>
>>>>
>>>>
>http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html
>>>>
>>>> Almost every Linux install is vulnerable to a potentially-remote
>>>> execution exploit involving bash. I know it has been patched in
>Gentoo and
>>>> RHEL. It's probably been fixed in most other distros by now, too.
>Time to
>>>> patch!
>>>>
>>>> -Kevin
>>>>
>>>>
>>>> _______________________________________________
>>>> grlug mailing list
>>>> grlug at grlug.org
>>>> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>>>>
>>>
>>>
>>> _______________________________________________
>>> grlug mailing list
>>> grlug at grlug.org
>>> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>>>
>>
>> _______________________________________________
>> grlug mailing list
>> grlug at grlug.org
>> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>grlug mailing list
>grlug at grlug.org
>http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shinobu.grlug.org/pipermail/grlug/attachments/20140924/e2588042/attachment-0001.html>
More information about the grlug
mailing list