[Info-vax] And now bash has a vulnerability
hb
end.of at inter.net
Thu Sep 25 08:08:13 EDT 2014
On 09/25/2014 01:32 PM, RobertsonEricW wrote:
> Thanks for posting this information! OpenVMS bash is currently built using
> Bash 4.3.24. I am assuming that this contains the incomplete fix. But I will
> keep an eye out for any information on the Bash development site.
What is 'OpenVMS bash'? No (incomplete) fix in that version:
$ mcr gnv$gnu:[bin]bash -version
GNU bash, version 4.3.24(0)-release (alpha-dec-vms)
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
PACKAGE GNV-3.0-1-EWR-1 ECO 0 Sep 4 2014 19:53:47 VMS 80300022 HP/DECC 70390010
$
$ mcr gnv$gnu:[bin]bash -c "env x='() { :;}; echo vulnerable' /bin/bash -c ""echo this is a test"""
vulnerable
this is a test
$
$ mcr gnv$gnu:[bin]bash -c "env X='() { (a)=>\' /bin/bash -c ""echo date""; /bin/cat echo"
/bin/bash: X: line 1: syntax error near unexpected token `='
/bin/bash: X: line 1: `'
/bin/bash: error importing function definition for `X'
Thu Sep 25 07:57:11 EDT 2014
$
$ type echo.
Thu Sep 25 07:57:11 EDT 2014
$
This version is vulnerable, but is there anybody using gnv/bash based
CGI code etc. in any (web) service on OpenVMS?
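
Added example, not part of the message above and not GNV or bash project code: a wrapper that removes environment variables whose value starts with the `() {` prefix used in both tests before a CGI-style handler is started. The names `scrub_env`, `run_handler` and `SAMPLE_CGI_ENV`, the host name and the header values are constructed for illustration.

```python
import subprocess
import sys

# Prefix of both test values in the message above; an unpatched bash treats
# an environment value that starts this way as a function definition to import.
FUNC_PREFIX = "() {"


def scrub_env(env):
    """Return (clean, dropped): `clean` omits every variable whose value
    starts with FUNC_PREFIX, `dropped` lists the omitted names, sorted."""
    clean, dropped = {}, []
    for name, value in env.items():
        if value.startswith(FUNC_PREFIX):
            dropped.append(name)
        else:
            clean[name] = value
    return clean, sorted(dropped)


def run_handler(argv, env):
    """Run a CGI-style handler (hypothetical argv) with the scrubbed environment only."""
    clean, dropped = scrub_env(env)
    for name in dropped:
        # Log the variable name only, never its value.
        print(f"dropped suspicious variable: {name}", file=sys.stderr)
    return subprocess.run(argv, env=clean, capture_output=True, text=True)


# Constructed sample: request metadata as a web server would pass it to a CGI
# script. Values derived from request headers are controlled by the client.
SAMPLE_CGI_ENV = {
    "REQUEST_METHOD": "GET",
    "SERVER_NAME": "vms.example.org",
    "HTTP_USER_AGENT": "() { :;}; echo vulnerable",
    "HTTP_COOKIE": "() { (a)=>\\",
    "HTTP_ACCEPT": "text/html",
}

if __name__ == "__main__":
    # The child lists the HTTP_* variables it actually received.
    probe = "import os; print(sorted(k for k in os.environ if k.startswith('HTTP_')))"
    result = run_handler([sys.executable, "-c", probe], SAMPLE_CGI_ENV)
    print(result.stdout.strip())
```

A filter like this only reduces exposure while a vulnerable shell is still installed; replacing the bash image is the actual fix.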