How do you get to this prompt? Is this cmode or 7mode?

TIA,

Fred

From: Douglas Siggins <siggins@gmail.com>
To: "toasters@teaparty.net" <toasters@teaparty.net>
Sent: Wednesday, September 24, 2014 3:03 PM
Subject: CVE-2014-6271: remote code execution through bash

Looks like we are waiting for word from Netapp on this one:

netapp% uname -a
Data ONTAP xxxxxxx 8.2.1 Data ONTAP Release 8.2.1 amd64
netapp% Wed Sep 24 15:00:00 EDT [bosnamail20:kern.uptime.filer:info]:
3:00pm up 41 days, 39 mins, 603179098 NFS ops, 0 CIFS ops, 0 HTTP
ops, 0 FCP ops, 0 iSCSI ops
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
netapp%

bash --version
GNU bash, version 3.2.48(1)-release (x86_64-pc-freebsd)
Copyright (C) 2007 Free Software Foundation, Inc.

I doubt there are many vectors that this vuln would work, but still a
little concerning.
_______________________________________________
Toasters mailing list
Toasters@teaparty.net
http://www.teaparty.net/mailman/listinfo/toasters