[Full-Disclosure] R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors
Knud Erik Højgaard
knud at skodliv.dk
Tue Dec 17 02:34:32 GMT 2002
matt merhar wrote:
> On Mon, 16 Dec 2002 10:56:20 -0800 (PST)
> Michal Zalewski <lcamtuf at ghettot.org> wrote:
>
>> :(){ :|:&};:
>
> ^^^^^^^^^^ don't type that i lost 134 day uptime because of that
No wonder, if you substitute the : with a word, for example bomb, it's
pretty obvious what this does.
bomb(){ bomb|bomb&};bomb
A properly configured login.conf prohibits this from having any effect on my
FreeBSD, and since you dont state your flavour i suppose it's the same as
mine.
--
Knud
Full-Disclosure is hosted and sponsored by Secunia.