[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GNU Bash profile code execution vulnerability enquiry
|
From: |
Greg Wooledge |
|
Subject: |
Re: GNU Bash profile code execution vulnerability enquiry |
|
Date: |
Wed, 28 Oct 2020 13:53:02 -0400 |
|
User-agent: |
Mutt/1.10.1 (2018-07-13) |
On Wed, Oct 28, 2020 at 05:11:42PM +0000, Rachel Alderman wrote:
> I've been made aware of a GNU Bash profile code execution vulnerability
> https://exchange.xforce.ibmcloud.com/vulnerabilities/173116 reported last
> December (2019-12-16)
This URL doesn't work without Javascript, and with Javascript enabled,
it pops up a semi-translucent "please log in" window covering most of
the text.
The text that *is* visible appears to be only this:
> Description: GNU Bash could allow a remote attacker to execute arbitrary
> code on the system, caused by improper access control by the Bash profile.
> By persuading a victim to open the Bash terminal, an attacker could
> exploit this vulnerability to execute arbitrary code on the system.
That doesn't tell us much.
> https://packetstormsecurity.com/files/155687
That URL talks about writing something to the user's .bashrc so that
next time they open bash, something bad happens. If you've got write
access to the user's .bashrc file then sure, you can screw them up
pretty badly.
> There is no CVE identifier associated with the vulnerability
... so it's not even recognized as a real vulnerability by world
experts?
> and I've been
> unable to determine whether there is a remediation available. Is anyone
> aware of this vulnerability and where it may be tracked in Gnu Bash?
"Remediation" for what, exactly? I'm not seeing any description of
an actual exploit. Not even a vague one.
Do you have any details on how this "exploit" is performed?