[Sans] remote exploit in bash
Steven Armstrong
steven.armstrong at id.ethz.ch
Thu Sep 25 09:39:57 CEST 2014
Guess most of you know by now, but in case you don't, go read.
http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html
This one is _really_ ugly.
more info:
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
Cheers,
Steven
--
Steven Armstrong, ETH Zurich
High Performance Computing, Scientific IT Services
WEC D 17, Weinbergstrasse 11, 8092 Zurich, Switzerland
Phone +41 44 632 25 24
More information about the Sans
mailing list