[nmglug] Critical Vulnerability in bash
Max Bond
max.o.bond at gmail.com
Wed Sep 24 22:24:35 PDT 2014
There is a critical vulnerability in bash which can often lead to remote
execution of code or local elevation of privileges.
Theres a patch in the repositories but it doesn't actually fix the issue
yet.
Bring down everything you can; don't connect to distrusted DCHP servers;
Apple is also effected, as are Android and iPhones; this is going to have a
huge fallout. Be prepared to update your home router. Most routers rely on
bash CGIs which are the biggest attack vector. Worms are imminently
expected.
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nmglug.org/pipermail/nmglug-nmglug.org/attachments/20140924/8f2aaa75/attachment.htm>
More information about the nmglug
mailing list