Re: firefox: annoyance

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 9/26/2014 3:36 PM, Valeri Galtsev wrote:
On Fri, September 26, 2014 5:13 pm, John R Pierce wrote:
>On 9/26/2014 2:51 PM, Always Learning wrote:
>>Probably all Windoze
>
>linux apache web servers with the bash exploit are getting owned en
>masse today.     my (patched) internet web server has logged 100s and
>100s of attempts like...
>
>66.186.2.172 - - [26/Sep/2014:00:49:29 -0700] "GET /cgi-bin/test.sh
I feel really stupid, but I have to ask. If your server wasn't patched, it
only would have owned by the above if that file exists, is executable by
apache and it indeed invokes bash (say, has #!/bin/bash or whatever bash
location is as first line), right?

no. mod_cgi launches /bin/sh and passes it the command, even if the file doesn't exist. and /bin/sh is linked to bash



--
john r pierce                                      37N 122W
somewhere on the middle of the left coast

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux