hi,
By now , some of you would have heard about the shellshock bug identified
and making circles.
below is the environment setting command that has a bug.
*" env x='() { :;}; echo vulnerable' bash -c "echo this is a test"Source :
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
<https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/>*
Now from langsec perspective , how do we explain this , anybody ?
Regards,
Sashank
http://lnkd.in/88sgfr
_______________________________________________
langsec-discuss mailing list
langsec-discuss@mail.langsec.org
https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
