[ale] bash critical vulnerability - update NOW!
Jim Kinney
jim.kinney at gmail.com
Mon Sep 29 17:13:01 EDT 2014
On Mon, Sep 29, 2014 at 3:55 PM, James Sumners <james.sumners at gmail.com>
wrote:
> On Sun, Sep 28, 2014 at 7:44 PM, Derek Atkins <warlord at mit.edu> wrote:
>
> > James Sumners <james.sumners at gmail.com> writes:
> >
> > > The moral of this story: don't write CGI scripts in Bash.
> >
> > It's more than just CGI, unfortunately. Anything that runs bash can be
> > hit. For example, DHCP is succeptible.
> >
>
> And then we have shenanigans like this --
> https://github.com/jaburns/ngincat
>
What could POSSIBLY go wrong!
>
>
> --
> James Sumners
> http://james.roomfullofmirrors.com/
>
> "All governments suffer a recurring problem: Power attracts pathological
> personalities. It is not that power corrupts but that it is magnetic to the
> corruptible. Such people have a tendency to become drunk on violence, a
> condition to which they are quickly addicted."
>
> Missionaria Protectiva, Text QIV (decto)
> CH:D 59
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://mail.ale.org/pipermail/ale/attachments/20140929/e8944081/attachment.html
> >
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
--
--
James P. Kinney III
Every time you stop a school, you will have to build a jail. What you gain
at one end you lose at the other. It's like feeding a dog on his own tail.
It won't fatten the dog.
- Speech 11/23/1900 Mark Twain
*http://heretothereideas.blogspot.com/
<http://heretothereideas.blogspot.com/>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140929/fbaf9115/attachment.html>
More information about the Ale
mailing list