[langsec-discuss] Fwd: ShellShock bug and langsec relation

Sashank Dara krishna.sashank at gmail.com
Fri Sep 26 17:18:35 UTC 2014


hi,

By now , some of you would have heard about the shellshock bug identified
and making circles.

below is the environment setting command that has a bug.



*" env x='() { :;}; echo vulnerable' bash -c "echo this is a test"Source :
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
<https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/>*

Now from langsec perspective , how do we explain this , anybody ?

Regards,
Sashank
http://lnkd.in/88sgfr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20140926/c43c3715/attachment.html>


More information about the langsec-discuss mailing list