This is the mail archive of the cygwin mailing list for the Cygwin project.
Re: How vulnerable are bash users to shellshock bug?
- From: Achim Gratz <Stromeko at NexGo dot DE>
- To: cygwin at cygwin dot com
- Date: Mon, 29 Sep 2014 08:49:58 +0000 (UTC)
- Subject: Re: How vulnerable are bash users to shellshock bug?
- Authentication-results: sourceware.org; auth=none
- References: <loom dot 20140929T044707-609 at post dot gmane dot org>
Andy <AndyMHancock <at> gmail.com> writes:
> According to http://www.vox.com/2014/9/25/6843949/the-bash-bug-explained,
> shellshock is exploited when someone submits commands in place of parameter
> data to a server, which then tries to shove the info into an environment
> variable by a bash invocation.
No, the attack vector is to have a targeted user run bash in an environment
with at least one environment variable having content crafted so as to exploit
the bug. That's quite general and can be used for all sorts of privilege
escalation locally; using it remotely via a service is just the icing on the
cake.
Regards,
Achim.
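
Added example (not part of the original message, and not Cygwin or bash project code): a Python audit for the condition described in the reply above, environment values shaped like bash function definitions. It assumes the `() {` value prefix by which unpatched bash recognised exported functions; the function names, the `SAMPLE` block and the brace-counting heuristic are constructed for illustration.

```python
"""Flag environment entries shaped like bash function imports (added example)."""

FUNC_PREFIX = b"() {"  # how pre-patch bash recognised an exported function in a value

def parse_environ(blob):
    """Split a NUL-separated block (the /proc/<pid>/environ layout) into a dict."""
    env = {}
    for entry in blob.split(b"\0"):
        name, sep, value = entry.partition(b"=")
        if sep and name:
            env[name.decode("utf-8", "replace")] = value
    return env

def body_end(value):
    """Index just past the brace closing the function body, or -1 if unbalanced.
    Simplification: braces are counted without honouring shell quoting."""
    depth = 0
    for i, ch in enumerate(value):
        if ch == 0x7B:      # '{'
            depth += 1
        elif ch == 0x7D:    # '}'
            depth -= 1
            if depth == 0:
                return i + 1
    return -1

def classify(value):
    if not value.startswith(FUNC_PREFIX):
        return "plain"
    end = body_end(value)
    if end == -1:
        return "unbalanced"
    # Anything but whitespace or ';' after the body is text a vulnerable bash kept parsing.
    return "trailing-data" if value[end:].strip(b" \t\r\n;") else "function-only"

def audit(blob):
    """Return (name, verdict) for every entry that looks like a function import."""
    hits = [(n, classify(v)) for n, v in parse_environ(blob).items()]
    return [(n, verdict) for n, verdict in hits if verdict != "plain"]

# Constructed sample block; the trailing text is an inert placeholder.
SAMPLE = (b"HOME=/home/user\0"
          b"greet=() { echo hi; }\0"
          b"EXAMPLE_VAR=() { :; }; CONSTRUCTED_TRAILING_TEXT\0"
          b"BROKEN=() { echo\0")

if __name__ == "__main__":
    for name, verdict in audit(SAMPLE):
        print(f"{name}: {verdict}")
```

On a live system the same `audit()` can be fed the bytes read from `/proc/<pid>/environ` of a process that is about to spawn bash.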