topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Tuesday March 19, 2024, 6:36 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: Linux bash exploit discovered  (Read 22065 times)

Josh

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Points: 45
  • Posts: 3,411
    • View Profile
    • Donate to Member
Re: Linux bash exploit discovered
« Reply #25 on: September 26, 2014, 10:24 PM »

mwb1100

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,645
    • View Profile
    • Donate to Member
Re: Linux bash exploit discovered
« Reply #26 on: September 26, 2014, 10:53 PM »
Most of that video overstayed its welcome, but the bit at 0:25-0:32 is priceless.

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,746
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Linux bash exploit discovered
« Reply #27 on: September 27, 2014, 10:07 AM »
Why are they all pronouncing it "lye nucks"?

Innuendo

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 2,266
    • View Profile
    • Donate to Member
Re: Linux bash exploit discovered
« Reply #28 on: September 27, 2014, 10:25 AM »
Akamai has created a WAF rule to filter this exploit; see "For Web Applications" below for details."

The way my mind works sometimes concerns me. The first thing that came to mind when I read this was why does Akamai have to worry about the wife approval factor when patching exploits?

ewemoa

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 2,922
    • View Profile
    • Donate to Member
Re: Linux bash exploit discovered
« Reply #29 on: September 28, 2014, 07:23 PM »
Regarding the plausibility of Fedora switching the system shell from bash (e.g. to dash), the following tidbit came up:

I switched a Fedora box to using dash as /bin/sh, and so far have only
logged one bug for something that broke, and it pretty much deserved
to break (BZ #1146733).

via http://www.openwall.com/lists/oss-security/2014/09/28/9

No idea whether that's typical...but note that the author may be an employee of RedHat.

lanux128

  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 6,277
    • View Profile
    • Donate to Member
Re: Linux bash exploit discovered
« Reply #30 on: September 28, 2014, 08:47 PM »
i believe this has something to do with this post so i'll just leave this here.

1_2014_09_29_001.png
http://www.intelliad...ity-to-look-out-for/

rgdot

  • Supporting Member
  • Joined in 2009
  • **
  • Posts: 2,192
    • View Profile
    • Donate to Member
Re: Linux bash exploit discovered
« Reply #31 on: September 28, 2014, 10:00 PM »
Update provided on Mint (bash 4.2-2Ubuntu2.3--->4.2-2Ubuntu2.5 ) fixes it as far as I can see, the tests quoted in this thread that showed vulnerable no longer do for me

ewemoa

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 2,922
    • View Profile
    • Donate to Member
Re: Linux bash exploit discovered
« Reply #32 on: September 29, 2014, 02:49 AM »
There is a Wikipedia page now:

  https://en.wikipedia.org/wiki/Shellshock_%28software_bug%29

One of the sections is "Reported Vulnerabilities", under which there are 5 things listed so far.



The "DHCP Proof of concept Shellshock exploit" link that lanux128 posted alluded to definitely increased motivation around here to patch more machines -- though it looks like more patching may be necessary before long.
« Last Edit: September 29, 2014, 04:46 AM by ewemoa »

ewemoa

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 2,922
    • View Profile
    • Donate to Member
Re: Linux bash exploit discovered
« Reply #33 on: September 29, 2014, 07:47 AM »
A git repository with code to check for the originally reported vulnerability and (some of the?) subsequently revealed(?) ones...

test script for shellshocker and related vulnerabilities

The Bash vulnerability that is now known as shellshock had an incomplete fix at first. There are currently 4 public and one supposedly non-public vulnerability.

via https://github.com/hannob/bashcheck