[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linux_var] shellshock quali sw a rischio ?

To: linux_var - LUG di Varese e Provincia Mailing List <talking@ml.linuxvar.it>
Subject: Re: [linux_var] shellshock quali sw a rischio ?
From: Lorenzo Lobba <lorenzo.lobba@gmail.com>
Date: Fri, 26 Sep 2014 12:54:36 +0200
Authentication-results: linuxvar.it; dkim=pass reason="2048-bit key; insecure key" header.d=gmail.com header.i=@gmail.com header.b=xyhD79pn; dkim-adsp=pass; dkim-atps=neutral
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ml.linuxvar.it; s=mail; t=1411728819; bh=grxAKRDSrMndaPrD43+aVDnux+BSxyRQ84dSGwm4FnM=; h=In-Reply-To:References:Date:From:To:Subject:Reply-To:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe; z=In-Reply-To:=20<CAGod1SBAZ9Htw0MF=3DnRQjV_DpE17k0s00q-AejAW=3DGYK F2nByg@mail.gmail.com>|References:=20<CAGod1SBAZ9Htw0MF=3DnRQjV_Dp E17k0s00q-AejAW=3DGYKF2nByg@mail.gmail.com>|Date:=20Fri,=2026=20Se p=202014=2012:54:36=20+0200|From:=20Lorenzo=20Lobba=20<lorenzo.lob ba@gmail.com>|To:=20linux_var=20-=20LUG=20di=20Varese=20e=20Provin cia=20Mailing=20List=20<talking@ml.linuxvar.it>|Subject:=20Re:=20[ linux_var]=20shellshock=20quali=20sw=20a=20rischio=20?|Reply-To:=2 0linux_var=20-=20LUG=20di=20Varese=20e=20Provincia=20Mailing=20Lis t=0D=0A=20<talking@ml.linuxvar.it>|List-Id:=20linux_var=20-=20LUG= 20di=20Varese=20e=20Provincia=20Mailing=20List=0D=0A=20<talking.ml .linuxvar.it>|List-Unsubscribe:=20<http://ml.linuxvar.it/cgi-bin/m ailman/options/talking>,=0D=0A=20<mailto:talking-request@ml.linuxv ar.it?subject=3Dunsubscribe>|List-Archive:=20<http://ml.linuxvar.i t/pipermail/talking/>|List-Post:=20<mailto:talking@ml.linuxvar.it> |List-Help:=20<mailto:talking-request@ml.linuxvar.it?subject=3Dhel p>|List-Subscribe:=20<http://ml.linuxvar.it/cgi-bin/mailman/listin fo/talking>,=0D=0A=20<mailto:talking-request@ml.linuxvar.it?subjec t=3Dsubscribe>; b=uICPLRwVp55e6lmJmVb2U4+aQDXGrsd5NnhnuAUZe7P52PVbPSR+LGrXJ56Y/IIZx Er4ulJQdBZhqpBapWJEF3Mmra0NjhY5t4V0Cp8xJMQxV8uKYkCMmIQ2R3E7lw/kAB0 LmIMwRSc8kVi2cX0fLw7608VGKN/UDjFKt4TTPAc=
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=RbNZNPb8QvUi3F/CT1afhW7/ZAOCIrM4NZUsfsp2Lq8=; b=xyhD79pnhR2e538q4Od8HA6fEt4dFAqDXSlY1gVTm8mrFqEi3bQ6Nyolm2tLKFlqnz PM7pJl/ny2JpYYi2yaOlOk6dPRYOe9LnvOW/Pc+JWo9zJa9gLCMJS/MlCA2USCvd7zgF KGlRyx3mRG4zAy4a+0opNf1rC8Vyqv8gqrKZSa/sVDfny7ZS6ni0VrKGM6O3+jJCY3XI G0A64PtUFUpNzYCgtukMrzyDA94n9j2N1EIscqxjW+bhONuMFDhzPViVOA8QI1fyI1a8 uP5xHXCTw2aPr6n5KETMkWGQ85H5mZUdXM/myFS5Ml6P1oji+IqX/NKz/JW9KKqFr4Hr Y/Eg==
In-reply-to: <CAGod1SBAZ9Htw0MF=nRQjV_DpE17k0s00q-AejAW=GYKF2nByg@mail.gmail.com>
List-archive: <http://ml.linuxvar.it/pipermail/talking/>
List-help: <mailto:talking-request@ml.linuxvar.it?subject=help>
List-id: linux_var - LUG di Varese e Provincia Mailing List <talking.ml.linuxvar.it>
List-post: <mailto:talking@ml.linuxvar.it>
List-subscribe: <http://ml.linuxvar.it/cgi-bin/mailman/listinfo/talking>, <mailto:talking-request@ml.linuxvar.it?subject=subscribe>
List-unsubscribe: <http://ml.linuxvar.it/cgi-bin/mailman/options/talking>, <mailto:talking-request@ml.linuxvar.it?subject=unsubscribe>
References: <CAGod1SBAZ9Htw0MF=nRQjV_DpE17k0s00q-AejAW=GYKF2nByg@mail.gmail.com>
Reply-to: linux_var - LUG di Varese e Provincia Mailing List <talking@ml.linuxvar.it>
Sender: "Talking" <talking-bounces@ml.linuxvar.it>

2014-09-26 12:42 GMT+02:00 Giovanni Orlandi <orlangio@gmail.com>:
> Ciao a tutti,
>
> a proposito della vulnerabilità della shell bash,
> quali configurazioni sono a rischio ?
Ne ho parlato giusto giusto con un mio collega esperto questa mattina.

Allora. Sono a rischio le CGI che usano bash (ksh, dash &C sono
immuni) e potenzialmente quelle si basano su Perl e tramite "system"
fanno una chiamata a una funzione bash.
Inviando alla bash tramite variabili alcune stringe di caratteri, si
possono eseguire in remoto comandi sul server.
Da quanto ho capito si possono solo dare comandi di lettura. Il
rischio è che le informazioni carpite possano essere poi usate per
sfruttare altre vulnerabilità.

Ciao,
Lorenzo
_______________________________________________
Talking mailing list
Talking@ml.linuxvar.it
http://ml.linuxvar.it/cgi-bin/mailman/listinfo/talking

Follow-Ups:
- Re: [linux_var] shellshock quali sw a rischio ?
  - From: Diego Roversi <diegor@tiscali.it>

References:
- [linux_var] shellshock quali sw a rischio ?
  - From: Giovanni Orlandi <orlangio@gmail.com>

Prev by Date: Re: [linux_var] shellshock quali sw a rischio ?
Next by Date: Re: [linux_var] shellshock quali sw a rischio ?
Previous by thread: Re: [linux_var] shellshock quali sw a rischio ?
Next by thread: Re: [linux_var] shellshock quali sw a rischio ?
Index(es):
- Date
- Thread