Old 25-09-2014, 12:57   #5
qasdfdsaq
cf.mega poster
 
Join Date: Aug 2004
Posts: 11,207
Re: Huge bash exploit CVE-2014-6271

Quote:
Originally Posted by Qtx View Post
Don't need to already have shell access. You can do it through an HTTP request and spawn a remote shell.
Guess that's another good example of why you should always run your web server processes in a deprivileged account...

Nonetheless the original source linked from your NIST article:

https://securityblog.redhat.com/2014...ection-attack/

says the vulnerability can be exploited via:
  • Apache server using mod_cgi or mod_cgid are affected if CGI scripts are either written in bash, or spawn subshells. Such subshells are implicitly used by system/popen in C, by os.system/os.popen in Python, system/exec in PHP (when run in CGI mode), and open/system in Perl if a shell is used (which depends on the command string)
But:

  • PHP scripts executed with mod_php are not affected even if they spawn subshells.
So I fail to see how else it could be exploited via HTTP, if your process can't execute or spawn shells to begin with...


Ah well, I guess I'll have to keep reading up on this... Makes my job fun.


Quote:
Can also be abused via a rogue DHCP server to exploit some Linux distros and also Apple Macs. It's not just mod_cgi.


---------- Post added at 13:57 ---------- Previous post was at 13:56 ----------

Quote:
Originally Posted by Osem View Post
Does any of this have implications for us ordinary folks using PCs for a bit of surfing etc.? If so how and what, if anything, can we do about it? Presumably some of the sites we access might be vulnerable but how might that affect us? The brief BBC article on this mentioned home users looking out for device updates on things such as routers but how would we do this in practice and what devices are vulnerable? TIA
If you're running Windows, it will not affect you at all.

If you're running Mac or Linux but don't run any servers, you should be fine as long as attackers don't have direct physical access to your home network. On a public hotspot you might have to worry...
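For the HTTP/CGI vector discussed in the post above, a defender can check web server logs for requests whose client-controlled fields begin a bash function definition. This is an added example, not part of the original post or the Red Hat article; it assumes Apache's "combined" log format, and the function names, the CGI path heuristic and the sample log lines are constructed for illustration.

```python
import re

# Bash imported an environment value starting with "() {" as a function
# definition; CVE-2014-6271 concerns what it did with the text after it.
# CGI copies request headers into environment variables (HTTP_USER_AGENT, ...).
FUNC_PREFIX = re.compile(r"\(\)\s*\{")

# Apache combined format: host ident user [time] "request" status bytes "referer" "agent"
QUOTED = r'"((?:[^"\\]|\\.)*)"'
COMBINED = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] ' + QUOTED + r' (\d{3}) \S+ ' + QUOTED + ' ' + QUOTED + '$'
)

# Assumption: CGI handlers live under /cgi-bin/ or end in .cgi/.sh on this server.
CGI_PATH = re.compile(r"/cgi-bin/|\.(?:cgi|sh)(?:\?|$)")

def scan(lines):
    """Return one finding per log line carrying the function-definition prefix."""
    findings = []
    for number, line in enumerate(lines, 1):
        m = COMBINED.match(line.strip())
        if not m:
            continue  # not a combined-format line
        host, request, status, referer, agent = m.groups()
        fields = {"request": request, "referer": referer, "agent": agent}
        hits = [name for name, value in fields.items() if FUNC_PREFIX.search(value)]
        if hits:
            parts = request.split()
            path = parts[1] if len(parts) > 1 else ""
            findings.append({"line": number, "host": host, "status": status, "path": path,
                             "fields": hits, "cgi_path": bool(CGI_PATH.search(path))})
    return findings

# Constructed sample lines (documentation IP ranges, harmless probe text).
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Sep/2014:12:01:07 +0100] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.23 - - [25/Sep/2014:12:03:44 +0100] "GET /cgi-bin/status.sh HTTP/1.1" 200 312 "-" "() { :; }; echo probe"',
    '203.0.113.5 - - [25/Sep/2014:12:04:02 +0100] "GET /cgi-bin/report.cgi HTTP/1.0" 500 0 "() { x; }; echo probe" "-"',
    '192.0.2.77 - - [25/Sep/2014:12:05:19 +0100] "GET /search?q=foo() HTTP/1.1" 200 840 "-" "curl/7.35.0"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The default access log records only the request line, Referer and User-Agent, so the prefix arriving in any other header (Cookie, custom headers) will not show up here; a hit on a path that is not a CGI handler is a probe rather than evidence of exposure.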