[App_rpt-users] NEW Security Issues

David McGough kb4fxc at inttek.net
Thu Sep 25 20:29:30 UTC 2014


Hi Everyone,

I'm going to try to slow the panic here! WHY is this such a huge security
concern for AllStar users????

The only remote attack vector that might be of concern is via the apache
webserver. And, this is only a concern if you've got bash shell scripts in
a publicly accessible cgi-bin directory. So, if you do have a vulnerable
cgi-bin, just temporarily do a "chmod 700" on this directory and the
problem is mitigated....Or, just stop the apache service entirely.

This vulnerability isn't like HeartBleed from several months ago. Nor does 
it provide a means for privilege escalation.

Am I missing something???  (I hope not! I've got over 100 servers with 
this vulnerability currently).

So, slow down and -plan- this fix. Don't break your system due to an 
unneeded panic!


73, David KB4FXC





On Thu, 25 Sep 2014 mike at midnighteng.com wrote:

> 
> The increase in recent hack attempts is the result of the recent knowledge of a fundamental bug in bash.
> It was not a big deal till someone published the flaw before some patches could be issued.
> 
> Some folks' set-ups are vulnerable. If you run HTTP, you certainly are.
> 
> Just a FYI...
> 
> SHELLSHOCK  - this is bigger and older than heartbleed.
> 
> It is a very big deal for "all" Linux systems running http.
> 
> http://seclists.org/oss-sec/2014/q3/650       
> 
> to check your version of bash, type
> 
> cd /bin
> bash --version
> 
> our acid installs should be at 3.2
> Remote ssh devices are possibly at risk.
> Current patches may not be entirely effective.
> Much more to be known about this.
> 
> google shellshock for more info.
> 
> ...mike/kb8jnm
> 
> 
> 
> 
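
An added example, not part of either message above: a read-only audit for the condition David describes, bash scripts in a cgi-bin directory that is still open beyond its owner. The function names and the directory argument are assumptions made for illustration; pass whatever path your Apache configuration actually uses.

```shell
#!/bin/sh
# Added example (not from the thread). Read-only audit of one CGI directory.
# Usage: sh audit_cgi.sh /path/to/cgi-bin   (the path is an assumption)

# True when the interpreter named in a shebang is bash, either directly or
# because the path (for example /bin/sh) resolves to a bash binary.
is_bash_interp() {
    [ "$(basename "$1")" = "bash" ] && return 0
    resolved=$(readlink -f "$1" 2>/dev/null) || return 1
    [ "$(basename "$resolved")" = "bash" ]
}

# Print every regular file under DIR whose first line is a bash shebang.
list_bash_cgi() {
    find "$1" -type f 2>/dev/null | while IFS= read -r f; do
        first=$(head -n 1 "$f" 2>/dev/null | tr -d '\r')
        case "$first" in
            '#!'*) ;;
            *) continue ;;
        esac
        # Take the interpreter word; for "#!/usr/bin/env bash" take the next one.
        interp=$(printf '%s\n' "$first" | sed 's/^#![[:space:]]*//' |
                 awk '{ if ($1 ~ /\/env$/) print $2; else print $1 }')
        [ -n "$interp" ] || continue
        if is_bash_interp "$interp"; then printf '%s\n' "$f"; fi
    done
}

# True when group or other has any permission on DIR, i.e. the directory has
# not been locked down to its owner the way "chmod 700" would leave it.
dir_open_beyond_owner() {
    perms=$(ls -ld "$1" | cut -c5-10 | sed 's/[ST]/-/g')
    [ "$perms" != "------" ]
}

# Report each bash CGI script together with the directory's exposure state.
audit_cgi() {
    if dir_open_beyond_owner "$1"; then state=EXPOSED; else state=RESTRICTED; fi
    list_bash_cgi "$1" | while IFS= read -r f; do
        printf '%s %s\n' "$state" "$f"
    done
}

if [ "$#" -gt 0 ]; then audit_cgi "$1"; fi
```

An empty report means no bash-interpreted scripts were found under that directory. RESTRICTED only reflects the mode bits, so it assumes the web server does not run as the directory's owner.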



