[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Re: Buffer overflow in BASH
From: "Peter J. Holzer" <hjp () WSR ! AC ! AT>
Date: 1999-04-27 14:38:15
[Download RAW message or body]
On 1999-04-19 14:59:06 -0400, Adam D. McKenna wrote:
> I really don't see the point of people posting bash bugs here.
> Especially not bugs in old versions. There are a lot of bash bugs, you
> can't gain any extra priveleges by exploiting them though.
You can, if you can trigger the bug in a script which is not running
with your privileges - suid and cgi scripts are obvious examples.
So, posting bash bug reports at least reminds people that using
bash - especially old versions - for such scripts is not a good idea.
hp
--
_ | Peter J. Holzer | Where do you want your keys
|_|_) | Sysadmin WSR / Obmann LUGA | to go today?
| | | hjp@wsr.ac.at | -- Tom Perrine <tep@SDSC.EDU>
__/ | http://wsrx.wsr.ac.at/~hjp/ | on bugtraq 1999-04-20
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic