Main Area and Open Discussion > General Software Discussion
Linux bash exploit discovered
lanux128:
i believe this has something to do with this post so i'll just leave this here.
• http://www.intelliadmin.com/index.php/2014/09/shellshock-a-vulnerability-to-look-out-for/
rgdot:
Update provided on Mint (bash 4.2-2Ubuntu2.3--->4.2-2Ubuntu2.5 ) fixes it as far as I can see, the tests quoted in this thread that showed vulnerable no longer do for me
ewemoa:
There is a Wikipedia page now:
https://en.wikipedia.org/wiki/Shellshock_%28software_bug%29
One of the sections is "Reported Vulnerabilities", under which there are 5 things listed so far.
The "DHCP Proof of concept Shellshock exploit" link that lanux128 posted alluded to definitely increased motivation around here to patch more machines -- though it looks like more patching may be necessary before long.
ewemoa:
A git repository with code to check for the originally reported vulnerability and (some of the?) subsequently revealed(?) ones...
test script for shellshocker and related vulnerabilities
The Bash vulnerability that is now known as shellshock had an incomplete fix at first. There are currently 4 public and one supposedly non-public vulnerability.
--- End quote ---
via https://github.com/hannob/bashcheck
Navigation
[0] Message Index
[*] Previous page
Go to full version