oss-sec mailing list archives
RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278)
From: Sona Sarmadi <sona.sarmadi () enea com>
Date: Fri, 3 Oct 2014 09:20:11 +0000
That script is a weird mixture of tests that implicitly pay no attention to Florian's patch, and therefore do not really demonstrate any security risk:
Thanks Michal, good to know :) You have a new patch (http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-029), I am sure many wonders what CVE is this for? This looks to be related to CVE-2014-7186 ("here document" http://tldp.org/LDP/abs/html/here-docs.html) but the correction is in make_cmd.c Is this a new vulnerability? So there isn't still any specific patch for CVE-2014-6277 and CVE-2014-6278 according to your post (http://www.openwall.com/lists/oss-security/2014/10/02/28)?
* CVE-2014-6277 - uninitialized memory issue, almost certainly RCE found by me. No specific patch yet.
* CVE-2014-6278 - command injection RCE found by me. No specific patch yet.
But Florian's unofficial patch or its upstream version (bash43-027 & co) mitigates *ALL* these six so far known CVE, right? Thanks /Sona
Current thread:
- Re: more bash parser bugs (CVE-2014-6277, CVE-2014-6278), (continued)
- Re: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Chet Ramey (Oct 01)
- RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Sona Sarmadi (Oct 01)
- Re: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Solar Designer (Oct 02)
- Re: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Chet Ramey (Oct 02)
- RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Menkhus, Mark (Global Cyber Security SSRT) (Oct 02)
- RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Sona Sarmadi (Oct 02)
- RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Menkhus, Mark (Global Cyber Security SSRT) (Oct 02)
- Re: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Michal Zalewski (Oct 02)
- RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Sona Sarmadi (Oct 02)
- Re: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Michal Zalewski (Oct 02)
- RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Sona Sarmadi (Oct 03)
- RE: more bash parser bugs (CVE-2014-6277, CVE-2014-6278) Sona Sarmadi (Oct 03)