|
Full Disclosure
mailing list archives
RE: bash vulnerability?
From: Jay <jaymzu () gmail com>
Date: Mon, 15 Aug 2005 10:59:01 +0300
It's not nice to brag about finding 0-day bullshit in the bash fork
bomb that has been Zalewski's signature for years :P
--
J
This vulnerability for right now should be classified as a zero-day local
shell exploit for bash. May want to let your other customers using
Linux/*BSD about this. Still looking for a fix to it at the moment, I
have my team on it. From here, it looks like doing a "ulimit -u 15"
should supress it, but I'm not quite sure for exactly how long, or the
effectiveness.
The string looks like this:
:-(){ :|:& };:
Nasty little shit.
--
Mail I sent my admin earlier after I heard about it. Anyone have just
any idea what this is? And how to fix it?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: bash vulnerability?, (continued)
Re: bash vulnerability? Milan 't4c' Berger (Aug 13)
Re: bash vulnerability? starwars (Aug 14)
RE: bash vulnerability? Jay (Aug 15)
|
Intro
