CGI::Application and recent bash security hole
Kent Fredric
kentfredric at gmail.com
Fri Sep 26 07:28:33 BST 2014
On 26 September 2014 13:45, gvim <gvimrc at gmail.com> wrote:
>
> Updated my bash on CentOS 6.5 this morning so your test fails:
>
> # env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
> bash: warning: x: ignoring function definition attempt
> bash: error importing function definition for `x'
> this is a test
There's a second vulnerability that escapes the first bug patch.
env X="() { (a)=>\\" bash -c '/dev/stdout date'
If this prints the date, you still have a hole where bash can write content
to arbitrary files. ( And this trick somehow makes it write the date to
/dev/stdout. )
--
Kent
*KENTNL* - https://metacpan.org/author/KENTNL
More information about the london.pm
mailing list