Main Area and Open Discussion > General Software Discussion

Linux bash exploit discovered

<< < (7/7)

lanux128:
i believe this has something to do with this post so i'll just leave this here.


• http://www.intelliadmin.com/index.php/2014/09/shellshock-a-vulnerability-to-look-out-for/

rgdot:
Update provided on Mint (bash 4.2-2Ubuntu2.3--->4.2-2Ubuntu2.5 ) fixes it as far as I can see, the tests quoted in this thread that showed vulnerable no longer do for me

ewemoa:
There is a Wikipedia page now:

  https://en.wikipedia.org/wiki/Shellshock_%28software_bug%29

One of the sections is "Reported Vulnerabilities", under which there are 5 things listed so far.


The "DHCP Proof of concept Shellshock exploit" link that lanux128 posted alluded to definitely increased motivation around here to patch more machines -- though it looks like more patching may be necessary before long.

ewemoa:
A git repository with code to check for the originally reported vulnerability and (some of the?) subsequently revealed(?) ones...

test script for shellshocker and related vulnerabilities

The Bash vulnerability that is now known as shellshock had an incomplete fix at first. There are currently 4 public and one supposedly non-public vulnerability.

--- End quote ---

via https://github.com/hannob/bashcheck

Navigation

[0] Message Index

[*] Previous page