oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Shellshocker - Repository of "Shellshock" Proof of Concept Code

From: Peter G Spera <spera () us ibm com>
Date: Mon, 6 Oct 2014 08:30:48 -0400

Jose,
It is important to note that the BASH running on z/OS was a proof of
concept from 2001-2002. It was part of a Redbook project and is not part of
any supported IBM z/OS product. IBM suggests that customers keep current
with the latest version of BASH, downloading the source from GNU or working
with vendors like Rocket Software to get a supported version.

Regards,
    Peter
Peter Spera, IBM System z Security, System Integrity Center, Mail:
spera () us ibm com, IBM STG, Poughkeepsie, NY
-----------------------------------
From:   Jose R R <Jose.r.r () metztli-it com>
To:     oss-security () lists openwall com
Date:   10/05/2014 02:49 AM
Subject:        [oss-security] Shellshocker - Repository of "Shellshock" Proof
            of Concept Code
Sent by:        jose.r.r () metztli com



Niltze!

Of possible interest:

< https://github.com/mubix/shellshocker-pocs >

I was surprised a (vulnerable) bash has been ported to IBM z/OS

<
http://mainframed767.tumblr.com/post/98446455927/bad-news-is-it-totally-works-in-bash-on-z-os-and






Best Professional Regards.

--
Jose R R
http://www.metztli-it.com
---------------------------------------------------------------------------------------------

NEW Apache OpenOffice 4.1.1! Download for GNU/Linux, Mac OS, Windows.
---------------------------------------------------------------------------------------------

Daylight Saving Time in USA & Canada ends: Sunday, November 02, 2014
---------------------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: