Matthias Urlichs, le Thu 25 Sep 2014 21:17:58 +0200, a écrit : > Samuel Thibault: > > Sounds crazy to me. > > > Definitely. This is now out in the wild; exploits which simply replace > echo or cat-without-/bin are going to happen. :-/
That's not so easy to exploit. You have to manage to inject those precise variable names. Samuel -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
