Re: Bash vulnerable

To: debian-user-spanish@lists.debian.org
Subject: Re: Bash vulnerable
From: Angel Claudio Alvarez <angel@angel-alvarez.com.ar>
Date: Thu, 25 Sep 2014 19:19:53 -0300
Message-id: <[🔎] 20140925191953.829aaf3e2f5c722e70a57cf6@angel-alvarez.com.ar>
In-reply-to: <[🔎] 542423E2.8020903@gmail.com>
References: <[🔎] 542423E2.8020903@gmail.com>

El Thu, 25 Sep 2014 11:17:06 -0300
ciracusa <ciracusa@gmail.com> escribió:

> Hola Lista,
> 
> Alguien leyo algo de esta vulnerabilidad en BASH:
> 
> env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
> 
> Muchas Gracias.

cambia a dash si no tenes scripts demasiado complejos en bash, funcionan
Hasta tanto arreglen el bug definitivamente (salio un parche pero no soluciona todo)
Si tens servidores con apache y cgi, cambia urgente el shell. Lo mismo si tenes algun lenguaje que llame a comandos de sistema mediante system(comando) o similar
> 
> Salu2.
> 
> 
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-spanish-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 542423E2.8020903@gmail.com">https://lists.debian.org/[🔎] 542423E2.8020903@gmail.com
> 


-- 
Angel Claudio Alvarez <angel@angel-alvarez.com.ar>

Reply to:

Follow-Ups:
- Re: Bash vulnerable
  - From: Carlos Carcamo <eazyduiz@gmail.com>

References:
- Bash vulnerable
  - From: ciracusa <ciracusa@gmail.com>

Prev by Date: Re: [Gutl-l] Ayuda urgente con iptables
Next by Date: Re: Systemd
Previous by thread: Re: Bash vulnerable
Next by thread: Re: Bash vulnerable
Index(es):
- Date
- Thread