[App_rpt-users] NEW Security Issues
David McGough
kb4fxc at inttek.net
Thu Sep 25 20:29:30 UTC 2014
Hi Everyone,

I'm going to try to slow the panic here! WHY is this such a huge security
concern for AllStar users????

The only remote attack vector that might be of concern is via the apache
webserver. And, this is only a concern if you've got bash shell scripts in
a publicly accessible cgi-bin directory. So, if you do have a vulnerable
cgi-bin, just temporarily do a "chmod 700" on this directory and the
problem is mitigated....Or, just stop the apache service entirely.

This vulnerability isn't like HeartBleed from several months ago. Nor does
it provide a means for privilege escalation.

Am I missing something??? (I hope not! I've got over 100 servers with
this vulnerability currently).

So, slow down and -plan- this fix. Don't break your system due to an
unneeded panic!

73, David KB4FXC

On Thu, 25 Sep 2014 mike at midnighteng.com wrote:
>
> The increase in recent hack attempts is the result of the recent knowledge of a fundamental bug in bash.
> It was not a big deal till someone published the flaw before some patches could be issued.
>
> Some folks' set-ups are vulnerable. If you run HTTP, you certainly are.
>
> Just a FYI...
>
> SHELLSHOCK - this is bigger and older than heartbleed.
>
> It is a very big deal for "all" linux systems running http.
>
> http://seclists.org/oss-sec/2014/q3/650
>
> to check your version of bash, type
>
> cd /bin
> bash --version
>
> our acid installs should be at 3.2
> Remote ssh devices are possibly at risk.
> Current patches may not be entirely effective.
> Much more to be known about this.
>
> google shellshock for more info.
>
> ...mike/kb8jnm
>
>
>
>
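
An audit for the exposure condition described in the reply above (bash shell scripts in a web-served cgi-bin directory), as an added example that is not part of either poster's message. The default `/var/www/cgi-bin` path and the function names are assumptions; point `CGI_DIR` at your own Apache ScriptAlias target.

```sh
#!/bin/sh
# Added example: find CGI scripts that Apache would hand to bash.
# CGI_DIR is an assumption; set it to your ScriptAlias target.
CGI_DIR="${CGI_DIR:-/var/www/cgi-bin}"

# Print the resolved interpreter of a script (nothing if no shebang).
script_interp() {
    first=$(head -n 1 "$1" 2>/dev/null | tr -d '\000\r')
    case "$first" in
        '#!'*) ;;
        *) return 0 ;;
    esac
    # Split "#!/path/interp arg" into words without glob expansion.
    set -f; set -- ${first#??}; set +f
    interp=$1
    [ -n "$interp" ] || return 0
    # "#!/usr/bin/env bash": the real interpreter is env's argument.
    if [ "$(basename "$interp")" = env ] && [ -n "$2" ]; then
        interp=$(command -v "$2" 2>/dev/null || printf '%s' "$2")
    fi
    # Follow symlinks so a /bin/sh that points at bash is caught.
    readlink -f "$interp" 2>/dev/null || printf '%s\n' "$interp"
}

# List executable files in directory $1 whose interpreter is bash.
bash_cgi_scripts() {
    for f in "$1"/*; do
        [ -f "$f" ] && [ -x "$f" ] || continue
        interp=$(script_interp "$f")
        [ "$(basename "${interp:-none}")" = bash ] && printf '%s\n' "$f"
    done
    return 0
}

# True when group and other have no access, as after "chmod 700".
# That only keeps Apache out if Apache's user does not own the directory.
dir_locked_down() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

if [ -d "$CGI_DIR" ]; then
    hits=$(bash_cgi_scripts "$CGI_DIR")
    if [ -z "$hits" ]; then
        echo "no bash-backed scripts in $CGI_DIR"
    elif dir_locked_down "$CGI_DIR"; then
        echo "bash scripts present, group/other access removed:"; echo "$hits"
    else
        echo "bash scripts in a group/other-accessible directory:"; echo "$hits"
    fi
fi
```

Scripts that start with `#!/bin/sh` are reported only when `/bin/sh` resolves to bash on that host, which is why the interpreter path is resolved rather than matched by name.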