Connect to a rogue server -> BOOM, instant root command shell. One vulnerable local program should not instantly create a remote hole.

Edit: actually it's even worse than that, since in the case of DHCP clients it seems that stuff gets exported always, without any compromise of the client being necessary. should not be able to just export whatever into the user's environment. I guess my point is, a vulnerability in a strictly local command shell should not translate into a remote exploit in a web service on a sanely configured server.

I'm not talking about CGI scripts implemented in bash, more that any compromised process can export an environment variable and have bash pick it up and execute it.

Although when you get down to it, the problem there is more DAC than UNIX specifically.