[Novalug] Novalug] Mac and bash vulnerability bug
John Warren
jpwarren00@gmail.com
Thu Sep 25 17:42:10 EDT 2014
For web servers a crafty user could get the same access as the web server, which is bad enough. A determined user might be able to find privilege escalation from there.
On September 25, 2014, at 5:37PM, "Don E. Groves, Jr. via Novalug" wrote:
Yes I have a Mac with latest patches applied.
And
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
Output is:
vulnerable
this is a test
Could a crafty user get 'root' or do other damage? I don't know
--
djr
On Thu, Sep 25, 2014 at 1:03 PM, Bonnie Dalzell via Novalug <
novalug@firemountain.net> wrote:
>
>
> anyone there into macs?
>
> --
--
Don E. Groves, Jr.
Tag it's your turn now... ... ....
**********************************************************************
The Novalug mailing list is hosted by firemountain.net.
To unsubscribe or change delivery options:
http://www.firemountain.net/mailman/listinfo/novalug
More information about the Novalug
mailing list