Shellshock bug and ERPNext
32 views
Skip to first unread message
MP
Sep 26, 2014, 5:54:31 AM9/26/14
to erpnext-dev...@googlegroups.com
Hi Team,
Do Shellshock bug affects ERPNext or Frappe in anyway?
Kind regards,
MP
Do Shellshock bug affects ERPNext or Frappe in anyway?
Kind regards,
MP
Pratik Vyas
Sep 26, 2014, 6:37:02 AM9/26/14
to erpnext-dev...@googlegroups.com
On Fri, Sep 26, 2014 at 3:24 PM, MP <mayur....@gmail.com> wrote:
> Hi Team,
>
> Do Shellshock bug affects ERPNext or Frappe in anyway?
>
I tried to exploit with nginx setup, it was safe. I think version 2
> Hi Team,
>
> Do Shellshock bug affects ERPNext or Frappe in anyway?
>
(CGI) would be vulnerable.
Although, other a web server, it could aso be exploited from other
services that use bash to interpret vars. Eg dhcpclient,
https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/
Do upgrade to latest bash
Thanks,
--
Pratik
erpnext
Reply all
Reply to author
Forward
0 new messages