Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

zsh seems to be vulnerable to CVE-2014-6271: remote code execution through bash

X-seq: zsh-workers 33228
From: İsmail Dönmez <ismail@xxxxxxxxx>
To: "Zsh Hackers' List" <zsh-workers@xxxxxxx>
Subject: zsh seems to be vulnerable to CVE-2014-6271: remote code execution through bash
Date: Wed, 24 Sep 2014 17:45:15 +0300
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=donmez.ws; s=www; h=mime-version:from:date:message-id:subject:to:content-type; bh=YrVBTG2B+gdgtakzEe5AitIAokwk+aPUbR4DrOCDtKU=; b=Rn2SpKka8DHTEBmaKE504P+iTtshIOrEH6JcEB7Xb8xfJKXxg7Mey19VklXLzj1Mki 8b0meeh45hucffSyydBZtEIrKiQFJpcdf+07TRorA4R+SWlnWj7pupGTChDRc+rhWTVi NFoWSvy/QRruFt4xcL7Pydj4GWeoYJ1c/pWRA=
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm

According to the vulnerability test in
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

[~]> echo $ZSH_VERSION
5.0.6

[~]> env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test

Looks like zsh is vulnerable too.

Regards.

Follow-Ups:
- Re: zsh seems to be vulnerable to CVE-2014-6271: remote code execution through bash
  - From: Peter Stephenson
- Re: zsh seems to be vulnerable to CVE-2014-6271: remote code execution through bash
  - From: Chet Ramey
- Re: zsh seems to be vulnerable to CVE-2014-6271: remote code execution through bash
  - From: Jérémie Roquet
- Re: zsh seems to be vulnerable to CVE-2014-6271: remote code execution through bash
  - From: Frank Terbeck

Messages sorted by: Reverse Date, Date, Thread, Author