[Cialug] Shellshock Bash Remote Code Execution Vulnerability

Will staticphantom at gmail.com
Thu Sep 25 13:11:15 CDT 2014


"Almost feels like a SQL
injection attack but on bash."

Bingo.

-Will C

On Thu, Sep 25, 2014 at 2:01 PM, Scott Yates <Scott at yatesframe.com> wrote:

> Thanks Paul, that makes more sense and gives me more to go on.
>
> Side note:  Are they REALLY just blankly accepting client side input and
> stuffing them into environment variables?  Almost feels like a SQL
> injection attack but on bash.
>
> Ish.
>> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>


More information about the Cialug mailing list