[GLLUG] Bash Bug

James Roberts j.roberts at stabilys.com
Thu Sep 25 23:30:24 UTC 2014

On 25/09/14 20:14, Andy Smith wrote:
> Hello,
> On Thu, Sep 25, 2014 at 06:25:27PM +0100, chris procter wrote:
>> I'd still say heartbleed is worse though, who runs bash cgi scripts?
> It's not just applications implemented in bash, it's anything that
> ever shells out to bash and could have its environment under control
> of an attacker.
>      https://news.ycombinator.com/item?id=8362450

Eek! Worse than I thought then.

However, (almost) everyone running a public web interface will be 
patching - won't they? We are, and our upstream already have.

So I still reckon the problems are going to come from the systems that 
are never and have never been and will never be patched...

Stabilys Ltd		www.stabilys.com
244 Kilburn Lane
W10 4BA

0845 838 5370

More information about the GLLUG mailing list