Search found 2 matches

by pessimizer
Thu Sep 25, 2014 12:18 pm
Forum: Releases & Announcements
Topic: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Replies: 189
Views: 144908

Re: Recent bash vulnerability and patch questions

Short thread, lots of bad information. Bug is bad, and still unpatched (the patch was bad.) Things running on mod_php, passenger, etc. through Apache and nginx are generally safe, and in Debian, you would have to have changed /bin/sh to bash manually or have applications running that exec out to scr...
by pessimizer
Thu Sep 25, 2014 10:59 am
Forum: Releases & Announcements
Topic: Main Edition: BASH vulnerability a.k.a. 'Shellshock'
Replies: 189
Views: 144908

Re: What's this about bash?

Just to update on this: 1) it is a major bug, there are many proofs of concept, including through dhclient and through crafting headers in GETs that are passed to programs through cgi (I think that the ktorrent remote web administration interface seems like the type of thing that would be vulnerable...

Go to advanced search