[Cialug] Shellshock Bash Remote Code Execution Vulnerability

Scott Yates Scott at yatesframe.com
Thu Sep 25 13:18:20 CDT 2014


Jeffrey, it just boggles my mind they would do that, but that does appear
to be the case.  Bad times ahead.

On Thu, Sep 25, 2014 at 1:13 PM, Jeffrey Ollie <jeff at ocjtech.us> wrote:

> On Thu, Sep 25, 2014 at 1:01 PM, Scott Yates <Scott at yatesframe.com> wrote:
>
> > Thanks Paul, that makes more sense and gives me more to go on.
> >
> > Side note:  Are they REALLY just blankly accepting client side input and
> > stuffing them into environment variables?  Almost feels like a SQL
> > injection attack but on bash.
> >
>
> Yes, they don't seem to explicitly say so, but at least one method for
> remotely triggering the bug is that mod_cgi on Apache takes the values of
> various HTTP headers and stuffs them into environment variables.
>
> --
> Jeff Ollie
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
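The header-to-environment step discussed in this thread, as an added example that is not part of the original messages: it maps request headers to CGI meta-variables using the RFC 3875 naming convention and flags values that begin with the bash function-definition prefix. The function names and the sample headers are constructed for illustration.

```python
import re

# Vulnerable bash versions treated an environment value starting with the
# literal characters "() {" as a function definition to import. This pattern
# is slightly looser (it tolerates extra whitespace) to err on the safe side.
FUNC_PREFIX = re.compile(r"^\s*\(\)\s*\{")

# Constructed sample request headers; the User-Agent value carries only the
# function-definition prefix, with no trailing command.
SAMPLE_HEADERS = {
    "Host": "www.example.test",
    "User-Agent": "() { placeholder; }",
    "Accept-Language": "en-US",
    "Content-Type": "text/plain",
}


def cgi_env_from_headers(headers):
    """Build CGI meta-variables from request headers (RFC 3875 naming)."""
    env = {}
    for name, value in headers.items():
        key = name.upper().replace("-", "_")
        if key in ("CONTENT_TYPE", "CONTENT_LENGTH"):
            env[key] = value            # these two get no HTTP_ prefix
        else:
            env["HTTP_" + key] = value  # everything else: HTTP_<NAME>
    return env


def suspicious_vars(env):
    """Names of variables whose value looks like a bash function definition."""
    return sorted(k for k, v in env.items() if FUNC_PREFIX.match(v))


def scrub(env):
    """Drop flagged variables before the environment reaches a child process."""
    return {k: v for k, v in env.items() if not FUNC_PREFIX.match(v)}


if __name__ == "__main__":
    env = cgi_env_from_headers(SAMPLE_HEADERS)
    print("flagged:", suspicious_vars(env))
    print("passed on:", sorted(scrub(env)))
```

Filtering like this is a stopgap for hosts that cannot be patched immediately; the fix is an updated bash.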

