A remotely exploitable hole in bash
A remotely exploitable hole in bash
Posted Sep 25, 2014 15:48 UTC (Thu) by cortana (subscriber, #24596)In reply to: A remotely exploitable hole in bash by thedevil
Parent article: A remotely exploitable hole in bash
Posted Sep 25, 2014 15:57 UTC (Thu)
by cortana (subscriber, #24596)
[Link]
> curl -H 'foo: () { evil; }' http://foo.example/cgi-bin/somebashscript
Now somebashscript has an attacker-supplied shell function, HTTP_foo. I am deeply uncomfortable with the fact that the script is only one typo away from running it. I would prefer this feature to be ripped out entirely, or at least disabled unless a script runs 'shopt -p terrifying_code_injection'.
A remotely exploitable hole in bash