[Cialug] Shellshock Bash Remote Code Execution Vulnerability

Scott Yates Scott at yatesframe.com
Thu Sep 25 12:48:55 CDT 2014


Will, thanks, I read that too, but I don't understand how you would coax
bash to set an environment variable from that.  Is it a string mis-parsing
issue somehow?  I mean, how the heck (misspelled that as hack originally,
lol) would you pass the string to bash in the first place?  Sorry if I am
still being dense, but at least with Heartbleed I could see the remote
vector.

On Thu, Sep 25, 2014 at 12:43 PM, Will <staticphantom at gmail.com> wrote:

> Well, the one thing that I read, involving DHCP clients being able to
> kick off code, seems to be the closest to remote code injection. Systems
> that allow a large user base that does not have root privileges may allow
> those users to execute code with root privileges where otherwise they are
> restricted.
>
> Certain practices for working with software that requires a separate user
> account (some people do this with databases or svn, for example) are
> susceptible to having the remote services execute remote shell commands.
>
> At least that is my understanding.
>
> -Will C
>
> On Thu, Sep 25, 2014 at 1:36 PM, Scott Yates <Scott at yatesframe.com> wrote:
>
> > Thanks Will, that is similar to the other articles I have been reading.  I
> > am still left with the question, however: how are environment variables
> > being set on a machine that does not allow user login?
> >
> > CGI scripts that spawn a bash shell or subshell are mentioned, but I don't
> > see how they would be enticed to set an env variable.
> >
> > All the tests I see are running local bash shell command lines.  I really
> > want to understand this, but I am not seeing how this is a "remote" issue
> > still.  I am probably being dense here.  Is there something else to look at
> > maybe?  My google-fu is failing me here.
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
>


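An added worked example, not from this thread or any of its posters, showing the CGI path Scott is asking about: before exec'ing a CGI program, the web server exports every request header as an HTTP_<NAME> environment variable (RFC 3875, the CGI spec), so a header value chosen by the remote client lands in the environment that any bash child of that program inherits (the script itself being bash, or a system()/popen() call that spawns /bin/sh). Unpatched bash treated any inherited variable whose value began with "() {" as a function definition and also executed whatever commands trailed the closing brace (CVE-2014-6271). The sample request, the /cgi-bin/status.sh script name and the User-Agent payload below are constructed for illustration; the second function is a simple detector for that pattern over the resulting environment.

```python
"""
Added example (not from the Cialug thread): how an HTTP request reaches
bash's environment through CGI, plus a check for Shellshock-style values.
"""
import re

# Constructed sample request for illustration, not captured traffic.
# The script name and the User-Agent payload are hypothetical.
SAMPLE_REQUEST = (
    "GET /cgi-bin/status.sh?host=db1 HTTP/1.1\r\n"
    "Host: www.example.com\r\n"
    "User-Agent: () { :; }; /bin/cat /etc/passwd\r\n"
    "Accept: */*\r\n"
    "\r\n"
)


def cgi_environment(raw_request: str) -> dict:
    """Build the CGI meta-variables a web server hands to the script.

    Per RFC 3875, each request header becomes HTTP_<NAME> with the name
    uppercased and '-' replaced by '_'; a few fixed variables describe the
    request itself. Everything here is attacker-controlled input.
    """
    head, _, _body = raw_request.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    path, _, query = target.partition("?")
    env = {
        "GATEWAY_INTERFACE": "CGI/1.1",
        "REQUEST_METHOD": method,
        "SCRIPT_NAME": path,
        "QUERY_STRING": query,
    }
    for line in header_lines:
        name, _, value = line.partition(":")
        env["HTTP_" + name.strip().upper().replace("-", "_")] = value.strip()
    return env


# Unpatched bash only imported a value whose first four characters were
# exactly "() {"; the regex is slightly looser (optional whitespace) so it
# also flags near-variants when used as a detector. The injected command is
# whatever follows the function body's closing brace and a separator.
SHELLSHOCK_RE = re.compile(
    r"^\s*\(\)\s*\{.*?\}\s*[;\n]\s*(?P<payload>\S.*)$", re.S
)


def find_shellshock(env: dict) -> dict:
    """Return {variable: trailing command} for each exploitable-looking value."""
    hits = {}
    for name, value in env.items():
        m = SHELLSHOCK_RE.match(value)
        if m:
            hits[name] = m.group("payload").strip()
    return hits


if __name__ == "__main__":
    env = cgi_environment(SAMPLE_REQUEST)
    for k, v in sorted(env.items()):
        print(f"{k}={v}")
    print("shellshock candidates:", find_shellshock(env))
```

Nothing in the block invokes bash; its point is to show where the environment variable comes from, since that is the step the thread is stuck on. On an unpatched system the widely circulated local check is env x='() { :;}; echo vulnerable' bash -c "echo test", which prints "vulnerable" for the same reason: the value of x is imported as a function and the trailing echo runs.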