[ale] bash critical vulnerability - update NOW!
James Sumners
james.sumners at gmail.com
Mon Sep 29 15:55:58 EDT 2014
On Sun, Sep 28, 2014 at 7:44 PM, Derek Atkins <warlord at mit.edu> wrote:
> James Sumners <james.sumners at gmail.com> writes:
>
> > The moral of this story: don't write CGI scripts in Bash.
>
> It's more than just CGI, unfortunately. Anything that runs bash can be
> hit. For example, DHCP is succeptible.
>
And then we have shenanigans like this -- https://github.com/jaburns/ngincat
--
James Sumners
http://james.roomfullofmirrors.com/
"All governments suffer a recurring problem: Power attracts pathological
personalities. It is not that power corrupts but that it is magnetic to the
corruptible. Such people have a tendency to become drunk on violence, a
condition to which they are quickly addicted."
Missionaria Protectiva, Text QIV (decto)
CH:D 59
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140929/e8944081/attachment.html>
More information about the Ale
mailing list