
Full Disclosure mailing list archives
Re: Critical bash vulnerability CVE-2014-6271
From: Paul Vixie <paul () redbarn org>
Date: Thu, 25 Sep 2014 13:54:31 -0700
Tim <mailto:tim-security () sentinelchicken org> Thursday, September 25, 2014 1:06 PM

> If you change the default shell from bash to a more sane one[1], like
> dash or ash, does this attack disappear?

no. the problem occurs when /bin/sh is bash, or when a network invokable script begins with the line #!/bin/bash. it has nothing to do with the user's shell. rather, it's the shell used by popen() and system() and of course (execl, execlp, execle, execv, execvp, execvpe), or, it's the explicitly called shell named at the top of the script itself.

> I would assume so, but sometimes foolish packages directly reference
> /bin/bash in the #! header. (I notice some dhclient shell script hooks
> don't make an explicit reference at all, while others reference /bin/sh.)

some scripts really do depend on bash's extensions. the dhclient hook is particularly bad about that, since it uses the environment to pass parameters that are set by the DHCP server (or a miscreant pretending to be one).

-- 
Paul Vixie
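
Added example, not part of the message above or of the thread: a POSIX shell inventory of the two cases the reply names, scripts whose `#!` line calls bash explicitly and `sh` scripts on a host where the `sh` path itself resolves to bash (the shell that `system()` and `popen()` start). The function names, output labels and the `sh_path` parameter are assumptions of this sketch, and it relies on `readlink -f` being available.

```shell
#!/bin/sh
# Added example: list the scripts in a directory that bash would interpret.
# Usage after sourcing: audit_dir DIR [SH_PATH]   (SH_PATH defaults to /bin/sh)

# Print the interpreter named on FILE's #! line (prints nothing if none).
shebang_interp() {
    line=$(head -n 1 "$1" 2>/dev/null | tr -d '\000\r')
    case $line in
        '#!'*) rest=${line#??} ;;
        *) return 0 ;;
    esac
    read -r interp arg extra <<EOF
$rest
EOF
    # "#!/usr/bin/env bash": the real interpreter is env's first argument.
    if [ "${interp##*/}" = env ] && [ -n "$arg" ]; then interp=$arg; fi
    printf '%s\n' "$interp"
}

# Succeed if PATH_OR_NAME is bash once symlinks are resolved.
is_bash() {
    case $1 in
        */*) real=$(readlink -f "$1" 2>/dev/null) || real=$1 ;;
        *)   real=$1 ;;
    esac
    [ "${real##*/}" = bash ]
}

# Report "bash-shebang FILE" for an explicit bash #! line, and
# "sh-is-bash FILE" for an sh #! line when SH_PATH resolves to bash.
audit_dir() {
    dir=$1 sh_path=${2:-/bin/sh}
    find "$dir" -type f | sort | while IFS= read -r f; do
        interp=$(shebang_interp "$f")
        [ -n "$interp" ] || continue
        if [ "${interp##*/}" = sh ]; then
            if is_bash "$sh_path"; then printf 'sh-is-bash %s\n' "$f"; fi
        elif is_bash "$interp"; then
            printf 'bash-shebang %s\n' "$f"
        fi
    done
}
```

Scripts reported as `sh-is-bash` stop being interpreted by bash once the `sh` path points at another shell; those reported as `bash-shebang` name bash explicitly, so they still are.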