Welcome! Log In Create A New Profile

Advanced

Re: CVE-2014-6271 : Remote code execution through bash

mex
September 25, 2014 03:27AM
foo ...

http://www.openwall.com/lists/oss-security/2014/09/24/17

"Note that on Linux systems where /bin/sh is symlinked to /bin/bash,
any popen() / system() calls from within languages such as PHP would
be of concern due to the ability to control HTTP_* in the env.

/mz"

$ ls -la /bin/sh
lrwxrwxrwx 1 root root 4 Mar 1 2012 /bin/sh -> dash

phew ':)
Subject Author Posted

CVE-2014-6271 : Remote code execution through bash

mex September 24, 2014 07:53PM

Re: CVE-2014-6271 : Remote code execution through bash

Andrew Cantino September 25, 2014 12:52AM

Re: CVE-2014-6271 : Remote code execution through bash

mex September 25, 2014 03:27AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 79
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready