Re: [SR-Users] Bash Code Injection and 'exec' module

2014-09-25 Thread Daniel-Constantin Mierla
Your patch was pushed to master, 4.1 and 4.0 branches. In addition, I pushed a patch with a new module parameter that could disable the escape of the sensitive header part, just in case it would be needed by people who know what they do. Not documented in readme, as probably should be removed rath

Re: [SR-Users] Bash Code Injection and 'exec' module

2014-09-25 Thread Daniel-Constantin Mierla
OK, ignore my previous email then...

Thanks again,
Daniel

On 25/09/14 16:51, Seudin Kasumovic wrote:
> Sorry, I attached the wrong patch in the previous post; here is a new one with fixed body length comparison.
>
> On Thu, Sep 25, 2014 at 4:40 PM, Seudin Kasumovic <seudin.kasumo...@gmail.com> wrote:

Re: [SR-Users] Bash Code Injection and 'exec' module

2014-09-25 Thread Daniel-Constantin Mierla
Hi Seudin,

thanks for the heads up about the vulnerabilities out there affecting us, and for the patch! One comment regarding the patch, I see this comparison:

    if (!strncmp(w->u.hf->body.s,"() {",MIN(w->u.hf->body.len,2))) {

and I see a string of size 4 being compared. Missing something?

Cheers,
Daniel

Re: [SR-Users] Bash Code Injection and 'exec' module

2014-09-25 Thread Seudin Kasumovic
Sorry, I attached the wrong patch in the previous post; here is a new one with fixed body length comparison.

On Thu, Sep 25, 2014 at 4:40 PM, Seudin Kasumovic <seudin.kasumo...@gmail.com> wrote:
> Hi kamailio users,
>
> we are witnesses of a newly discovered bug in bash: Bash Code Injection
> Vulnerability via S

[SR-Users] Bash Code Injection and 'exec' module

2014-09-25 Thread Seudin Kasumovic
Hi kamailio users,

we are witnesses of a newly discovered bug in bash: Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271)

https://access.redhat.com/node/1200223

As the exec module exports all SIP headers into the environment, it was easy to push a bash command. Th