Re: Bug#762839: bash without importing shell functions from the environment

[Martin Uecker <uecker@eecs.berkeley.edu>]

Samuel Thibault:
> Matthias Urlichs, le Thu 25 Sep 2014 21:17:58 +0200, a écrit :
> > Samuel Thibault:
> > > Sounds crazy to me.
> > > 
> > Definitely. This is now out in the wild; exploits which simply replace
> > echo or cat-without-/bin are going to happen. :-/
> 
> That's not so easy to exploit. You have to manage to inject those precise
> variable names.

While everybody is looking at bash, isn't this the real the
injection part? Why are there still programs which copy stuff
from the network into environment without proper sanitation? 
This bash bug makes this easy to exploit, but it is not hard
to imagine that this can confuse other programs in different
ways. In fact, there were very similar bugs in the past:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997



Martin