Slashdot article http://linux.slashdot.org/story/14/09/24/1638207/remote-exploit-vulnerability-found-in-bash
Story at http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html

CVE ID CVE-2014-6271 at http://seclists.org/oss-sec/2014/q3/650

Summary... bash scripts, CGI, perl via "system()", and various other "commands" invoke a bash shell at times, passing environmental variables in the process. Problem is that an "environmental variable" ***CAN CONTAIN A FUNCTION DEFINITION, AND EXECUTE IT WHILST SPAWNING A NEW SHELL***. E.g. execute the command...

  env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

...and you get the following...

  vulnerable
  this is a test

Replace...

  x='() { :;}; echo vulnerable'

...with malicious stuff, and it could get ugly.

app-shells/bash-4.2_p48 has been pushed to Gentoo stable. The same "env" command results in...

  bash: warning: x: ignoring function definition attempt
  bash: error importing function definition for `x'
  this is a test

-- 
Walter Dnes <[email protected]>
I don't run "desktop environments"; I run useful applications
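The probe command quoted in the post is the usual way to check whether an installed bash still imports function definitions from the environment. The script below, an added example that is not part of Walter's mail or of the Gentoo package, wraps that same probe so it can be run against any bash binary (for instance on every host before and after pushing the update) and reduces its output to a one-word verdict. The three verdict names, the classify_shellshock_output and probe_bash function names, and the handling of the "no warning, no 'vulnerable'" case (what a bash carrying the later upstream patches prints, which the post itself does not show) are assumptions of this example.

```sh
#!/bin/sh
# Reduce the combined stdout+stderr of the Shellshock probe to a verdict.
#   vulnerable     - the function body in the env var was executed
#   patched        - bash refused the import and said so (bash-4.2_p48 behaviour from the post)
#   not_vulnerable - bash neither executed nor warned (assumed: later patches that
#                    no longer treat a plain "() {" variable as a function at all)
classify_shellshock_output() {
  probe_output="$1"
  case "$probe_output" in
    *vulnerable*)                                 echo vulnerable ;;
    *"ignoring function definition attempt"*)     echo patched ;;
    *"this is a test"*)                           echo not_vulnerable ;;
    *)                                            echo unknown ;;
  esac
}

# Run the exact probe from the post against a given bash binary (default: bash on PATH)
# and classify what it prints. The payload only echoes a marker; nothing else is run.
probe_bash() {
  bash_bin="${1:-bash}"
  out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c "echo this is a test" 2>&1)
  classify_shellshock_output "$out"
}

# Stand-alone use: report on the local bash.
echo "local bash: $(probe_bash)"
```

On a vulnerable system the script prints "local bash: vulnerable"; after the update described in the post it prints "local bash: patched". Treat "unknown" as a failed probe (bash missing or an unexpected message), not as a clean result.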

