Bugtraq: Re: bash 1.x - command substitution bug

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: bash 1.x - command substitution bug

From: lcamtuf () IDS PL (Michal Zalewski)
Date: Thu, 15 Jul 1999 02:16:31 +0200

http://www.cert.org/ftp/cert_advisories/CA-96.22.bash_vuls


Just to make it clear - vulnerability described in my post seems to be
almost similar to one described in CERT advisory. But in fact bug
addressed there (bash -c 'command1(0xff)command2') has been fixed years
ago in bash 1.14.7 release, while one described by me (0xff in command
substitution) - hasn't been fixed (till silent fix in 2.0.x releases).

_______________________________________________________________________
Michal Zalewski [lcamtuf () ids pl] [link / marchew] [dione.ids.pl SYSADM]
[Marchew Industries] ! [http://lcamtuf.na.export.pl] bash$ :(){ :|:&};:
[voice phone: +48 22 813 25 86] <=-=> [cellular phone: +48 501 4000 69]
Iterowac jest rzecza ludzka, wykonywac rekursywnie - boska [P. Deutsch]

By Date By Thread

Current thread:

Re: bash 1.x - command substitution bug Michal Zalewski (Jul 14)
- <Possible follow-ups>
- bash 1.x - command substitution bug Michal Zalewski (Dec 12)