Date: Fri, 16 Sep 2016 13:38:38 -0400 From: Jan Schaumann <jschauma@...meister.org> To: oss-security@...ts.openwall.com Cc: chet.ramey@...e.edu Subject: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME John Haxby <john.haxby@...cle.com> wrote: > A little while ago, one of our users discovered that by setting the > hostname to $(something unpleasant), bash would run "something > unpleasant" when it expanded \h in the prompt string. To clarify: this is only triggered if the hostname has been set, not the $HOSTNAME variable, right? Your subject line suggests setting $HOSTNAME would lead to command execution, which would be a vulnerability reminiscent of shellshock, but quickly glancing at the code, it looks like $HOSTNAME is only used if gethostname(3) returned an empty string? -Jan
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.