You are not logged in.
Pages: 1
Hello Guys
I was hopping around internet news and found out this
A newly discovered security bug in a widely used piece of Linux software, known as "Bash," could pose a bigger threat to computer users than the "Heartbleed" bug that surfaced in April, cyber experts warned on Wednesday.
Bash is the software used to control the command prompt on many Unix computers. Hackers can exploit a bug in Bash to take complete control of a targeted system, security experts said.
The Department of Homeland Security's United States Computer Emergency Readiness Team, or US-CERT, issued an alert saying the vulnerability affected Unix-based operating systems including Linux and Apple Inc's Mac OS X.
Anyone knows how can someone control a Linux / Unix as we all know bash is a local script called internally from the server
and the only way to make it run every 1 minute as the minimum time using crontab
2nd thing getting on my mind how can you hack using bash if you can't get ssh access with a username / password to a public linux server
3rd on local desktop like Ubuntu , LinuxMinit , Debain , Fedora , CentOS etc.. you got access to bash using terminal from a username but we all know that the user has a privilege he can't bypass to use a root privilege still he can do some evil things on it but you can easily catch it .
It's not a ~privilege escalation issue.
The issue is how environment variables are processed resulting in bash running code you didn't intend it to do.
According to godaddy, bash is the shell used by their servers. https://pbs.twimg.com/media/ByWUeobCIAARuNU.png
But in reality, you can bomb fork, DDOS, inject code into webservers that run cgi handler and some other cool stuff
Not to hijack the conversation, but this is one of these days where I'm happy that I'm running Windows on my server. I was not directly affected by the SSL bug earlier this year either, although a couple of server processes might have been.
There are other nice things about Windows as well.
Godaddy shared hosts are still vulnerable after so many hours, unless they did some other workaround.
-bash-3.2$ env x='() { :;}; echo vulnerable' bash -c "echo vun"
vulnerable
vun
Last edited by Hybrid (September 25 2014)
Not to hijack the conversation, but this is one of these days where I'm happy that I'm running Windows on my server. I was not directly affected by the SSL bug earlier this year either, although a couple of server processes might have been.
There are other nice things about Windows as well.
Not to beat down on Microsoft or you, but Microsoft does still have its fair share of vulnerabilities, some of them spooky.
http://www.cvedetails.com/vulnerability … osoft.html
Anyway, Microsoft is becoming less of a major target with all the move to Android and Linux Servers...
Last edited by arithma (September 25 2014)
It is fixed in bash 4.3.25
http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-025
I just compiled and installed the update on my computer.
A final patch has been released earlier today. If you patched yesterday, you are required to re-patch today.
Some mirrors are still getting updated though.
More info:
https://rhn.redhat.com/errata/RHSA-2014-1306.html
https://bugs.debian.org/cgi-bin/bugrepo … =762760#56
To test if your server is vulnerable:
CVE-2014-6271 (Yesterday's patch)
env x='() { :;}; echo vulnerable' bash -c "echo vun"
you're vulnerable if the output is:
vulnerable
vun
CVE-2014-7169
env X='() { (a)=>\' sh -c "echo date"; cat echo
You're vulnerable if a file is created called "echo" containing the current date
Can't find a new patch http://ftp.gnu.org/gnu/bash/bash-4.3-patches/
Can't find a new patch http://ftp.gnu.org/gnu/bash/bash-4.3-patches/
Compiling the last version from the source is not vulnerable as far as I know.
But I meant if you're updating from the repos, you have to re-update because the patch that were released yesterday were incomplete.
Thank you for the heads-up Hybrid. The Debian wheezy repos have been updated with the properly patched version.
Pages: 1