Critical Bash Vuln
Remote code execution potential!
Bug in Bash shell creates big security hole on anything with *nix in it | Ars Technica
Bug in Bash shell creates big security hole on anything with *nix in it | Ars Technica
Comments
-
aftereffector
Member Posts: 525 ■■■■□□□□□□
Because of its wide distribution, the vulnerability could be as wide-ranging as the Heartbleed bug,
Awwww &@*# not that again!though it may not be nearly as dangerous.
I don't exactly feel better. Unless I am wrong, which is very possible, this looks like an injection attack vector that will primarily target servers, which should get updated in short order - but there are an awful lot of *nix systems using bash out there.CCIE Security - this one might take a while... -
phoeneous
Member Posts: 2,333 ■■■■■■■□□□
Thanks for sharing, just patched 3 of my centos boxes since they were vulnerable. -
LinuxRacr
Member Posts: 653 ■■■■□□□□□□
Yeah, I saw this notification come in today at work via Red Hat. I guess I'll need to add this to my patching...My WGU B.S. IT - Security Progress : Transferred In|Remaining|In Progress|Completed
AGC1, CLC1, GAC1, INC1, CTV1, INT1, BVC1, TBP1, TCP1, QLT1, HHT1, QBT1, BBC1 (39 CUs), (0 CUs) (0 CUs)
WFV1, BNC1, EAV1, EBV1, COV1 | MGC1, IWC1 | CQV1, CNV1, IWT1, RIT1 | DRV1, DSV1, TPV1, CVV1 | EUP1, EUC1, DHV1| CUV1, C173 | BOV1, CJV1, TXP1, TXC1 | TYP1, TYC1, SBT1, RGT1 (84 CUs) DONE! -
UnixGuy
Mod Posts: 4,570 Mod
yeah I ran yum update this morning and I was about read what's with the update to 'bash', thought it was a new version or something. Thanks for that -
wes allen
Member Posts: 540 ■■■■■□□□□□
This one also appears to be wormable - so psyched I am off for a few days! -
docrice
Member Posts: 1,706 ■■■■■■■■■■
Don't be alarmed. It only looks weaponized now.
https://gist.github.com/anonymous/929d622f3b36b00c0be1
The hammers are located in isle 18 to the right.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
wes allen
Member Posts: 540 ■■■■■□□□□□
-
chaser7783
Member Posts: 154
Not only has it been weaponized VT shows a 0/55 rate for detection.
Source: https://www.virustotal.com/en/file/73b0d95541c84965fa42c3e257bb349957b3be626dec9d55efcc6ebcba6fa489/analysis/1411634118/
Here is some good info on the breakdown within the ELF binary showing all of it's features.
Source: KernelMode.info • View topic - Linux/Bash0day alias Shellshock alias Bashdoor -
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
Yeah we just alerted for it at work. Updating my Spacewalk and then deploying to all my boxes.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
chaser7783
Member Posts: 154
There is also an incomplete fix to CVE-2014-6271.
Source: oss-sec: Re: CVE-2014-6271: remote code execution through bash -
wes allen
Member Posts: 540 ■■■■■□□□□□
Client side (DHCP) attacks - https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/
-
powmia
Users Awaiting Email Confirmation Posts: 322
I wonder if there is any correlation between this and the AWS reboot
-
JDMurray
Admin Posts: 13,093 Admin
SANS Internet Storm Center blog articles on ShellShock:- Update on CVE-2014-6271: Vulnerability in bash (shellshock)
- Webcast Briefing: Bash Code Injection Vulnerability
- Attention *NIX admins, time to patch!
More ShellShock article links:
