[dns-operations] ShellShock exploit through the DNS

Paul Vixie paul at redbarn.org
Tue Oct 14 13:41:47 UTC 2014



> Tony Finch <mailto:dot at dotat.at>
> Tuesday, October 14, 2014 5:31 AM
>
> A CGI script invoked by Apache httpd with HostnameLookups On
> (the default is Off, a safer setting is Double)

thanks, that makes sense. the security advisory posted here did not
mention any real world examples. i agree that apache with
HostnameLookups turned on, on redhat or apple systems where /bin/sh is
bash, is a real world example.

apparently the apache team believed as i did that no shell would ever
eval() its environment variables no matter with or without input
checking. the bash team really violated the principle of least
astonishment with function inheritance.

-- 
Paul Vixie
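
An added example, not part of the original message or of any project's code: a small audit for the combination named in this thread, an active `HostnameLookups On` directive together with a `/bin/sh` that is really bash. The function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit a host for the combination the
# thread names: Apache HostnameLookups On plus a /bin/sh that is really bash.

# Print "file:line:value" for every active HostnameLookups directive.
# Directive names are case-insensitive in httpd; "#" lines are comments.
hostname_lookups_settings() {
    [ "$#" -gt 0 ] || return 0
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "hostnamelookups" {
            printf "%s:%d:%s\n", FILENAME, FNR, tolower($2)
        }' "$@"
}

# Succeed if the given shell (default /bin/sh) is bash under another name.
# bash sets BASH_VERSION even when started as "sh"; other shells leave it empty.
sh_is_bash() {
    v=$("${1:-/bin/sh}" -c 'printf %s "${BASH_VERSION:-}"' 2>/dev/null) || return 1
    [ -n "$v" ]
}

# Classify one value using only what the thread states about each setting.
classify_setting() {
    case "$1" in
        on)     echo "REVIEW" ;;   # the case discussed in the thread
        double) echo "SAFER" ;;    # "a safer setting is Double"
        off)    echo "DEFAULT" ;;  # "the default is Off"
        *)      echo "UNKNOWN" ;;
    esac
}

# Full report. Usage: audit_host SHELL_PATH CONF_FILE...
audit_host() {
    shell_path=$1; shift
    hostname_lookups_settings "$@" | while IFS= read -r hit; do
        echo "$(classify_setting "${hit##*:}") $hit"
    done
    if sh_is_bash "$shell_path"; then echo "SHELL $shell_path is bash"
    else echo "SHELL $shell_path is not bash"; fi
}

# Constructed sample configuration, so the example runs offline.
sample=$(mktemp)
printf '%s\n' '# HostnameLookups On' 'hostnamelookups  on' \
    '<Directory "/var/www/cgi-bin">' '  HostnameLookups Double' '</Directory>' > "$sample"
audit_host /bin/sh "$sample"
rm -f "$sample"
```

On a real host, pass the server's actual configuration files to `audit_host`; files pulled in through `Include` have to be listed explicitly, since the script does not follow them.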