- 8,434
- Rockay City
So, a new vulnerability has been discovered in bash that allows code execution via environment variables:
https://securityblog.redhat.com/201...-environment-variables-code-injection-attack/
http://seclists.org/oss-sec/2014/q3/649
With bash being part of almost every Linux distribution (and possibly OSX, iOS, Android as well?), and with anything from a remote camera to a router running some form of Linux distribution, this could be the next (and bigger) HeartBleed. Ouch!
https://securityblog.redhat.com/201...-environment-variables-code-injection-attack/
http://seclists.org/oss-sec/2014/q3/649
With bash being part of almost every Linux distribution (and possibly OSX, iOS, Android as well?), and with anything from a remote camera to a router running some form of Linux distribution, this could be the next (and bigger) HeartBleed. Ouch!
