[nmglug] Critical Vulnerability in bash

Sam Noble s at mnoble.net
Thu Sep 25 07:43:19 PDT 2014


On Wed, Sep 24, 2014 at 11:24:35PM -0600, Max Bond wrote:
> There is a critical vulnerability in bash which can often lead to remote
> execution of code or local elevation of privileges.
> 
> There's a patch in the repositories but it doesn't actually fix the issue
> yet.
> 
> Bring down everything you can; don't connect to distrusted DHCP servers;
> Apple is also affected, as are Android and iPhones; this is going to have a
> huge fallout. Be prepared to update your home router. Most routers rely on
> bash CGIs which are the biggest attack vector. Worms are imminently
> expected.
> 
> https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

The DHCP thing is interesting, and this _is_ a serious deal for
webservers with mod_cgi. But the home router thing, which I keep hearing
people say, is going to be crazy rare. Unless you're like me and
manually install bash in libreWRT/openWRT etc, /bin/sh is nearly
certainly pointing to busybox and its built-in ash shell.

Otherwise it looks to me like this mostly falls back to being an
un-scary local exploit, right? Like if you have credentialed but
untrusted local users?

Now I have to rethink that public shell server business that was going
to make me env RICHNESS_LEVEL='(ALIBABAIPO) { :;}; dpkg-vendor --is
debian || debootstrap stable /' echo $RICHNESS_LEVEL

-- 
sam
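
Added example, not part of the original messages: a local check for the two points raised in the reply above, namely what /bin/sh actually resolves to (bash versus busybox ash) and whether the installed bash treats an ordinary environment variable as a function definition and runs the text that follows it. The function names are this example's own, and the probe only echoes a marker string.

```shell
#!/bin/sh
# Added example: helper names (classify_sh, bash_imports_env_functions,
# report) are hypothetical and not from the thread or from any project.

# Print what a shell path really is once symlinks are followed.
# Assumption: readlink -f is available (GNU coreutils and busybox have it).
classify_sh() {
    target=$(readlink -f "$1" 2>/dev/null) || target=$1
    case "$(basename "$target")" in
        bash)    echo bash ;;
        busybox) echo busybox-ash ;;
        *)       echo "other:$(basename "$target")" ;;
    esac
}

# Return 0 if the given bash binary turns a plain environment variable into
# a function and executes the text after the function body, 1 if it does
# not, 2 if the binary cannot be executed. The payload is a harmless echo.
bash_imports_env_functions() {
    [ -x "$1" ] || return 2
    out=$(env 'probe=() { :;}; echo IMPORTED' "$1" -c ':' 2>/dev/null) || :
    case "$out" in
        *IMPORTED*) return 0 ;;
        *)          return 1 ;;
    esac
}

# Summarise both checks for the machine this runs on.
report() {
    echo "/bin/sh is: $(classify_sh /bin/sh)"
    b=$(command -v bash) || { echo "bash: not installed"; return 0; }
    if bash_imports_env_functions "$b"; then
        echo "$b: executed the probe, update bash"
    else
        echo "$b: probe was not executed"
    fi
}

report
```

A box that reports `busybox-ash` and has no bash installed matches the router case described in the reply; a CGI host that reports `bash` for /bin/sh is the mod_cgi case.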

