Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1999: Re: Bash Bug

Re: Bash Bug

Pavel Kankovsky (peakARGO.TROJA.MFF.CUNI.CZ)
Thu, 22 Apr 1999 11:16:06 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Christopher Seawood: "Re: Go!Zilla, possible trojan"
Previous message: Iversen, Eric: "Re: BUGTRAQ Digest - 20 Apr 1999 to 21 Apr 1999 (#1999-92)"
In reply to: Shadow: "Bash Bug"
Next in thread: Chet Ramey: "Re: Bash Bug"

On Tue, 20 Apr 1999, Shadow wrote:

> mkdir "\ `echo -e \ "echo + +> ~\57.rhosts\ " > x; source x; rm -f \x\ ` "

Bash 1.x screws up during PS1 substitution (\w, \W). Bash 2.x does not
seem to be vulnerable. Anyway, there's a hope even for those who want to
stick to 1.x: replace \w with $PWD, \W with ${PWD##*/} (no guarantee).

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"NSA GCHQ KGB CIA nuclear conspiration war weapon spy agent... Hi Echelon!"

Next message: Christopher Seawood: "Re: Go!Zilla, possible trojan"
Previous message: Iversen, Eric: "Re: BUGTRAQ Digest - 20 Apr 1999 to 21 Apr 1999 (#1999-92)"
In reply to: Shadow: "Bash Bug"
Next in thread: Chet Ramey: "Re: Bash Bug"