Major security alert - Linux etc...

  • EddyTheDog
    Just Doing My Own Thing
    • Jan 2011
    • 25433

    #1

    Major security alert - Linux etc...

    http://www.bbc.co.uk/news/technology-29361794

    Looks serious.....
  • seeandsee
    Check SIG!
    • Mar 2006
    • 50945

    #2
    Fucking Linux
    BUY MY SIG - 50$/Year

    Contact here

    Comment

    • WDF
      Confirmed User
      • Jan 2013
      • 2248

      #3
      A bash patch was applied to our cpanel servers yesterday during an update.
      Please HELP

      Comment

      • Babaganoosh
        ♥♥♥ Likes Hugs ♥♥♥
        • Nov 2001
        • 15841

        #4
        http://gfy.com/showthread.php?t=1150685

        Heads up though, it doesn't look like the patch fixed it completely yet.

        http://www.reddit.com/r/netsec/comme...l_exploitable/
        I like pie.

        Comment

        • Harmon
          ( ͡ʘ╭͜ʖ╮͡ʘ)
          • Mar 2004
          • 20012

          #5
          [email protected]

          Comment

          • _Richard_
            Too lazy to set a custom title
            • Oct 2006
            • 30991

            #6
            ah that sucks

            Comment

            • Babaganoosh
              ♥♥♥ Likes Hugs ♥♥♥
              • Nov 2001
              • 15841

              #7
              https://access.redhat.com/node/1200223

              If you're affected, mod_security is the best way to stop this right now.

              If you're not using mod_security, iptables can protect you a little better than doing nothing.

              iptables -I INPUT -m string --hex-string '|28 29 20 7B|' --algo bm -j DROP
              I like pie.

              Comment

              • MrGusMuller
                Confirmed User
                • Oct 2010
                • 1262

                #8
                To test if your version of Bash is vulnerable to this issue, run the following command:

                $ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
                If the output of the above command looks as follows:

                vulnerable
                this is a test
                you are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Thus, if you run the above example with the patched version of Bash, you should get an output similar to:

                $ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
                bash: warning: x: ignoring function definition attempt
                bash: error importing function definition for `x'
                this is a test
                StagCMS - Adult CMS - user friendly adult content management system - speed up your websites with no SQL connections
                ICQ: 63*23*43*113

                Comment

                • nm_
                  Confirmed User
                  • May 2011
                  • 328

                  #9
                  already found people pinging to check for the exploit in my server logs ;[

                  update your servers asap!

                  Comment
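Added example, not posted by anyone in this thread: a log check for the probing mentioned in post #9, looking for the same four bytes `() {` (hex 28 29 20 7B) that the iptables rule in post #7 drops. It assumes a combined-format web access log; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag access-log entries whose request line, Referer or
# User-Agent carries the Bash function-definition marker "() {", the same
# four bytes (28 29 20 7B) the iptables rule in post #7 matches.

# scan_shellshock_probes: reads combined-format log lines on stdin and prints
# "<client-ip> <timestamp> <field>" for every field containing the marker.
scan_shellshock_probes() {
    awk -F'"' '
    BEGIN { marker = "() {" }             # fixed string, matched with index()
    index($0, marker) == 0 { next }       # fast path: line has no marker
    {
        split($1, head, " ")              # head[1]=client IP, head[4]="[timestamp"
        ts = substr(head[4], 2)
        hit = 0
        if (index($2, marker)) { print head[1], ts, "request";    hit = 1 }
        if (index($4, marker)) { print head[1], ts, "referer";    hit = 1 }
        if (index($6, marker)) { print head[1], ts, "user-agent"; hit = 1 }
        # Escaped quotes inside a field shift the split; still report the line.
        if (!hit) print head[1], ts, "unknown-field"
    }'
}

# Constructed sample lines (documentation IP ranges), not taken from the thread.
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [25/Sep/2014:10:15:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [25/Sep/2014:10:16:40 +0000] "GET / HTTP/1.1" 200 512 "-" "() { :;}; echo vulnerable"
203.0.113.5 - - [25/Sep/2014:10:17:11 +0000] "GET / HTTP/1.1" 200 512 "() { :;}; echo vulnerable" "curl/7.38.0"
192.0.2.44 - - [25/Sep/2014:10:18:09 +0000] "GET /search?q=foo() HTTP/1.1" 200 99 "-" "Mozilla/5.0"
192.0.2.61 - - [25/Sep/2014:10:19:30 +0000] "GET / HTTP/1.1" 200 512 "-" "agent \"() { :;}; echo vulnerable\""
EOF
}

sample_log | scan_shellshock_probes
```

To check a real log, pipe it in instead of the sample, for example `scan_shellshock_probes < access_log`; a hit only shows that a request carried the marker, not that Bash executed anything.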

                  • Klen
                    • Aug 2006
                    • 32235

                    #10
                    Originally posted by MrGusMuller
                    To test if your version of Bash is vulnerable to this issue, run the following command:

                    $ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
                    If the output of the above command looks as follows:

                    vulnerable
                    this is a test
                    you are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Thus, if you run the above example with the patched version of Bash, you should get an output similar to:

                    $ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
                    bash: warning: x: ignoring function definition attempt
                    bash: error importing function definition for `x'
                    this is a test
                    Got the second thing so I guess I am patched. But this looks like the same shit as a MySQL inject on an SQL select query.

                    Comment

                    • just a punk
                      So fuckin' bored
                      • Jun 2003
                      • 32393

                      #11
                      Code:
                      yum clean all && yum update bash
                      Obey the Cowgod

                      Comment
