Re: I've found a vulnerability in bash

2021-11-19 Thread Marshall Whittaker
, I'm an exploit dev. Maybe an asshole too.

On Fri, Nov 19, 2021 at 9:05 AM Kerin Millar wrote:
> (Copying the list back in ...)
>
> On Fri, 19 Nov 2021 07:19:29 -0500
> Marshall Whittaker wrote:
>
> > Though I do disagree with you, this is the only message in this thread

Re: I've found a vulnerability in bash

2021-11-19 Thread Marshall Whittaker
happens. A short whitepaper on it has been made public at:
https://oxagast.org/posts/bash-wildcard-expansion-arbitrary-command-line-arguments-0day/
complete with a mini PoC.

On Wed, Nov 17, 2021 at 9:04 AM Chet Ramey wrote:
> On 11/17/21 4:16 AM, Marshall Whittaker wrote:
>
> > Th

I've found a vulnerability in bash

2021-11-17 Thread Marshall Whittaker
Software: bash
Version: 5.0.17(1)-release

--- SNIP ---
[marshall@jerkon]{04:09 AM}: [~/bashful] $ touch -- '--version'
[marshall@jerkon]{04:09 AM}: [~/bashful] $ touch a && mkdir b
[marshall@jerkon]{04:09 AM}: [~/bashful] $ ls -l
total 4
-rw-rw-r-- 1 marshall marshall 0 Nov 17 04:09 a

I've found a vulnerability in bash

2021-11-17 Thread Marshall Whittaker
rm * on some folder, by expansion, you could expand it to -riv or whatever you wanted and redirect program flow from there.

Thanks,
Marshall Whittaker / oxagast