BugTraq
Bug in bash <= 4.3 [security feature bypassed] Jun 03 2014 02:16PM
Hector Marco (hecmargi upv es) (1 replies)
Re: Bug in bash <= 4.3 [security feature bypassed] Jun 05 2014 10:02AM
Daryl Tester (dt-bugtraq handcraftedcomputers com au) (1 replies)
On 03/06/14 23:46, Hector Marco wrote:

> Recently we discovered a bug in bash. After some time after reporting
> it to bash developers, it has not been fixed.

...

> Any comments about this issue are welcomed.
>
> Details at:
> http://hmarco.org/bugs/bash_4.3-setuid-bug.html

I'm only going by the patch presented above, so ...

1. The program should be calling setgid() before setuid() (which is
another common class of security mistake).

2. Why is exit() returning values greater than 255? It's not capable
of doing that under (most) Unix environments.

--
Regards,
Daryl Tester
Handcrafted Computers Pty. Ltd.

[ reply ]
Re: Bug in bash <= 4.3 [security feature bypassed] Jun 05 2014 09:13PM
Hector Marco (hecmargi upv es)


 

Privacy Statement
Copyright 2010, SecurityFocus