The flaw is not patched correctly. Tavis Ormandy has shown it to be still exploitable. Chester On 26 September 2014 11:23:59 GMT-07:00, Guus Snijders <gsnijders@xxxxxxxxx> wrote: >Op 26 sep. 2014 16:34 schreef "Doug Newgard" <scimmia@xxxxxxxxxxxxxx>: >[...] >> >> Instead of theorizing that "many" will do this, give a real world >example >of where this happens and would have reduced the attack surface of the >bug >in question. > >One of the very few examples that sound reasonable, is dhclient. >Apparently, that can be readily used for this bug to be exploited. >Sounds >like more of problem with dhclient, though. > >I agree that there's a lot of fud out there about this bug; once found >(or >perhaps: cve assigned), the patches came quickly, so that actually >looks >quite good for bash! > >Switching /bin/sh to dash has been discussed before and we can spend a >lot >of e-mails on that, but as usual it's up to devs to implement it as >such, >or not. > >Just my E0, 02 > >Mvg, Guus
