[kwlug-disc] Vulnerability in bash
Khalid Baheyeldin
kb at 2bits.com
Thu Sep 25 12:12:01 EDT 2014
On Thu, Sep 25, 2014 at 11:55 AM, CrankyOldBugger <crankyoldbugger at gmail.com
> wrote:
> And now "some experts" are referring to this as the "Shellshock"
> vulnerability.
>
> Commence Public Mass Hysteria in three, two, one...
>
Well, this one is real scary.
If requests via the web server can execute arbitrary shell commands, it is
scary.
What is more scary is that a 25 year old mature piece of software can have
such a gaping hole in it exploitable remotely.
What about non-mature, less tested software, specially new comers that are
being widely adopted (systemd ...)
--
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- Leonardo da Vinci
For every complex problem, there is an answer that is clear, simple, and
wrong." -- H.L. Mencken
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140925/3506574a/attachment.htm>
More information about the kwlug-disc
mailing list