How do you get to this prompt? Is this cmode or 7mode?
TIA, Fred
________________________________ From: Douglas Siggins siggins@gmail.com To: "toasters@teaparty.net" toasters@teaparty.net Sent: Wednesday, September 24, 2014 3:03 PM Subject: CVE-2014-6271: remote code execution through bash
Looks like we are waiting for word from Netapp on this one:
netapp% uname -a Data ONTAP xxxxxxx 8.2.1 Data ONTAP Release 8.2.1 amd64 netapp% Wed Sep 24 15:00:00 EDT [bosnamail20:kern.uptime.filer:info]: 3:00pm up 41 days, 39 mins, 603179098 NFS ops, 0 CIFS ops, 0 HTTP ops, 0 FCP ops, 0 iSCSI ops env x='() { :;}; echo vulnerable' bash -c "echo this is a test" vulnerable this is a test netapp%
bash --version GNU bash, version 3.2.48(1)-release (x86_64-pc-freebsd) Copyright (C) 2007 Free Software Foundation, Inc.
I doubt there are many vectors that this vuln would work, but still a little concerning. _______________________________________________ Toasters mailing list Toasters@teaparty.net http://www.teaparty.net/mailman/listinfo/toasters