Re: [FD] Critical bash vulnerability CVE-2014-6271
- To: Seth Arnold <seth.arnold@xxxxxxxxxxxxx>
- Subject: Re: [FD] Critical bash vulnerability CVE-2014-6271
- From: Paul Vixie <paul@xxxxxxxxxxx>
- Date: Thu, 25 Sep 2014 15:56:32 -0700
> Seth Arnold <mailto:seth.arnold@xxxxxxxxxxxxx>
> Thursday, September 25, 2014 3:10 PM
>
> Which systems go through /bin/sh for the exec*() family of functions?
i don't have an exhaustive list. my friends at $dayjob told me to use
debian, so i am. i see this:
http://manpages.debian.org/cgi-bin/man.cgi?query=execv&apropos=0&sektion=0&manpath=Debian+7.0+wheezy&format=html&locale=en
which contains this text:
> If the header of a file isn't recognized (the attempted execve(2)
> <http://manpages.debian.org/cgi-bin/man.cgi?query=execve&sektion=2&apropos=0&manpath=Debian+7.0+wheezy&locale=>
> failed with the error ENOEXEC), these functions will execute the shell
> (/bin/sh) with the path of the file as its first argument. (If this
> attempt fails, no further searching is done.)
i now see that this only applies to execlp() and execvp(), not to the
entire family. (was reading in a terminal window before.)
--
Paul Vixie
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
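
The man page behaviour quoted in the message above, as an added example (not part of the original post): a file with no recognized header is exec'd once with execv() and once with execvp(), and only the latter ends up in /bin/sh. The function name run_headerless, the /tmp path and the file contents are constructed for illustration; glibc on Linux and an exec-enabled /tmp are assumed.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: writes an executable file with no "#!" line and no
 * binary header (constructed sample), execs it in a child, and returns the
 * child's exit status: 7 if a shell ran the file, 100 if exec failed with
 * ENOEXEC, 101 for any other exec failure, -1 on setup error. */
int run_headerless(int use_execvp)
{
    char path[] = "/tmp/noheaderXXXXXX";
    const char *body = "exit 7\n";
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    if (write(fd, body, strlen(body)) < 0 || fchmod(fd, 0700) < 0) {
        close(fd);
        unlink(path);
        return -1;
    }
    close(fd);                      /* close before exec to avoid ETXTBSY */

    pid_t pid = fork();
    if (pid == 0) {
        char *argv[] = { path, NULL };
        if (use_execvp)
            execvp(path, argv);     /* libc retries through /bin/sh on ENOEXEC */
        else
            execv(path, argv);      /* plain execve(2) wrapper, no retry */
        _exit(errno == ENOEXEC ? 100 : 101);
    }
    int status = 0;
    int ok = (pid > 0 && waitpid(pid, &status, 0) == pid);
    unlink(path);
    return (ok && WIFEXITED(status)) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    printf("execv : child exit %d (100 = ENOEXEC, no shell)\n", run_headerless(0));
    printf("execvp: child exit %d (7 = /bin/sh ran the file)\n", run_headerless(1));
    return 0;
}
```

When auditing which code paths can reach the shell, this is why execlp()/execvp() call sites need the same review as system() and popen() wherever /bin/sh is bash.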