On Wed, Oct 28, 2020 at 05:11:42PM +0000, Rachel Alderman wrote: > I've been made aware of a GNU Bash profile code execution vulnerability > https://exchange.xforce.ibmcloud.com/vulnerabilities/173116 reported last > December (2019-12-16)
This URL doesn't work without Javascript, and with Javascript enabled, it pops up a semi-translucent "please log in" window covering most of the text. The text that *is* visible appears to be only this: > Description: GNU Bash could allow a remote attacker to execute arbitrary > code on the system, caused by improper access control by the Bash profile. > By persuading a victim to open the Bash terminal, an attacker could > exploit this vulnerability to execute arbitrary code on the system. That doesn't tell us much. > https://packetstormsecurity.com/files/155687 That URL talks about writing something to the user's .bashrc so that next time they open bash, something bad happens. If you've got write access to the user's .bashrc file then sure, you can screw them up pretty badly. > There is no CVE identifier associated with the vulnerability ... so it's not even recognized as a real vulnerability by world experts? > and I've been > unable to determine whether there is a remediation available. Is anyone > aware of this vulnerability and where it may be tracked in Gnu Bash? "Remediation" for what, exactly? I'm not seeing any description of an actual exploit. Not even a vague one. Do you have any details on how this "exploit" is performed?
