* [Cerowrt-devel] bash exploit heads up
@ 2014-09-24 21:45 Dave Taht
2014-09-24 21:51 ` Toke Høiland-Jørgensen
2014-09-24 21:54 ` Eric S. Johansson
0 siblings, 2 replies; 4+ messages in thread
From: Dave Taht @ 2014-09-24 21:45 UTC (permalink / raw)
To: cerowrt-devel
From fiddling with busybox's ash shell... thus far it *does NOT*
appear vulnerable to this.
http://linux.slashdot.org/story/14/09/24/1638207/remote-exploit-vulnerability-found-in-bash
Simple test:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
shows vulnerable for bash, not sh, on openwrt and cerowrt. That said,
it makes me nervous. I've never really liked the redir.sh method cero
uses to bounce people to the right web interface... suggestions to do
it in javascript or something safer desired.
And I'm aware that several people do run bash on cero, so be aware of
this issue.
--
Dave Täht
https://www.bufferbloat.net/projects/make-wifi-fast
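Added example, not part of the original message or of CeroWrt: the one-line test above wrapped in a function so it can be run against every shell installed on a router and the result read back per shell. The names `check_shell` and `scan_shells` and the candidate list `bash sh ash dash` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: runs the thread's one-line probe against each shell binary.
# check_shell, scan_shells and the candidate list are illustrative names,
# not code from CeroWrt or OpenWrt.

MARKER="vulnerable"

# check_shell PATH_OR_NAME -> prints "absent", "vulnerable" or "not-vulnerable"
check_shell() {
    shell_path=$1
    # Resolve bare names through PATH; report shells that are not installed.
    if ! command -v "$shell_path" >/dev/null 2>&1; then
        echo "absent"
        return 0
    fi
    # Same probe as in the message: a function-style value followed by a
    # trailing command. A shell that imports it runs the trailing echo
    # before it runs the -c command.
    out=$(env x='() { :;}; echo vulnerable' "$shell_path" \
          -c 'echo this is a test' 2>/dev/null) || true
    # Match a whole line so the benign "this is a test" output never counts.
    if printf '%s\n' "$out" | grep -qx "$MARKER"; then
        echo "vulnerable"
    else
        echo "not-vulnerable"
    fi
}

# scan_shells NAME... -> one "name: verdict" line per candidate.
# On OpenWrt/CeroWrt, sh is busybox ash; bash is an optional package.
scan_shells() {
    for s in "$@"; do
        printf '%s: %s\n' "$s" "$(check_shell "$s")"
    done
}

scan_shells bash sh ash dash
```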
* Re: [Cerowrt-devel] bash exploit heads up
From: Toke Høiland-Jørgensen @ 2014-09-24 21:51 UTC (permalink / raw)
To: Dave Taht; +Cc: cerowrt-devel
Dave Taht <dave.taht@gmail.com> writes:
> shows vulnerable for bash, not sh, on openwrt and cerowrt. That said,
> it makes me nervous. I've never really liked the redir.sh method cero
> uses to bounce people to the right web interface... suggestions to do
> it in javascript or something safer desired.
Doesn't the value of $SERVER_NAME come from the (static) lighttpd
configuration? In that case, redir.sh can be replaced with a static HTML
page.
If not, it's probably doable in the lighttpd configuration if a suitable
redirect/rewrite module is available. I forget the syntax, though,
haven't used lighttpd in ages; I'm sure Google knows, though.
-Toke
* Re: [Cerowrt-devel] bash exploit heads up
From: Eric S. Johansson @ 2014-09-24 21:54 UTC (permalink / raw)
To: cerowrt-devel
On 9/24/2014 5:45 PM, Dave Taht wrote:
> shows vulnerable for bash, not sh, on openwrt and cerowrt. That said,
> it makes me nervous. I've never really liked the redir.sh method cero
> uses to bounce people to the right web interface... suggestions to do
> it in javascript or something safer desired.
>
http://www.w3.org/QA/Tips/reback
I'll take a look in the next couple of days if no one beats me to it.