by smhenderson 4165 days ago
I don't know a lot about it, but I do remember reading that if you are using bash to process CGI, or bash is spawned by a process that is handling CGI, then the env is augmented with variables containing the contents of the HTTP headers sent back by the client - thus giving an attacker a way to add to the environment.

Again, I'm a bit sketchy on the details. We mitigated this on one server we have where it might have been an issue by simply disabling bash and symlinking sh to pdksh.

And, yeah, the article does seem a bit schizophrenic...
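
The header-to-environment mapping described in the comment above, as an added example that is not part of the original post: it builds the client-controlled variables a CGI child process would receive (naming per RFC 3875) and flags any whose value is shaped like a shell function definition. The function names, the sample headers and the `() {` marker are assumptions of this example; the comment does not state the trigger.

```python
import re

# Assumption of this example: affected bash builds treat an environment
# value that begins with "() {" as a function definition to import.
# The check below is slightly broader (tolerates extra whitespace).
FUNC_PREFIX = re.compile(r"^\(\)\s*\{")

# Request fields a CGI server exports under fixed names (RFC 3875).
FIXED = {"content-type": "CONTENT_TYPE", "content-length": "CONTENT_LENGTH"}


def cgi_env_name(header):
    """Map an HTTP header name to its CGI meta-variable name."""
    key = header.strip().lower()
    return FIXED.get(key, "HTTP_" + key.upper().replace("-", "_"))


def headers_to_env(headers):
    """Build the client-controlled part of the environment a CGI child sees."""
    env = {}
    for name, value in headers:
        var = cgi_env_name(name)
        # Repeated headers are joined with ", " as servers commonly do.
        env[var] = env[var] + ", " + value if var in env else value
    return env


def suspicious_vars(env):
    """Names of variables whose value looks like a function definition."""
    return sorted(k for k, v in env.items() if FUNC_PREFIX.match(v.lstrip()))


# Constructed sample request headers (placeholders, not a real capture).
SAMPLE = [
    ("Host", "www.example.test"),
    ("User-Agent", "() { <body> }; <trailing text>"),
    ("Accept", "text/html"),
    ("X-Note", "call foo() { later }"),
    ("Cookie", "  () { <body> }"),
]

if __name__ == "__main__":
    env = headers_to_env(SAMPLE)
    for var in suspicious_vars(env):
        print("reject request:", var, "=", repr(env[var]))
```

A filter like this belongs in front of the CGI handler (web server or WAF rule) and complements, rather than replaces, removing bash from the CGI execution path as the commenter did.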