topic title: Remote Exploit Vulnerability Found In Bash
-
Posts: 17
- Joined: 17 Jul 2014
#1
http://seclists.org/oss-sec/2014/q3/650
https://lists.debian.org/debian-security-announce/2014/msg00220.html
Debian and other GNU/Linux vendors plan to disclose a critical,
remotely exploitable security vulnerability in bash this week, related
to the processing of environment variables. Stephane Chazelas
discovered it, and CVE-2014-6271 has been assigned to it.
-
Alanarchy
Posts 0 Alanarchy
#2
I just read it here.
http://tinyurl.com/k744q7m
It's been estimated that the bug has been present for at least a decade and most likely longer.
-
anticapitalista
- Posts: 5,956
- Site Admin
- Joined: 11 Sep 2007
#3
Thanks for the links. bash got upgraded today on my box.
-
Posts: 70
- Joined: 19 May 2013
#5
Better be vigilant and format the drive and reinstall...... every three months.
Lately I've been getting e-mails from people I know that contain links of web pages to visit.
Then, wham, infection........ so covert
What else is going on that we don't know about?
-
Posts: 4,164
- Joined: 20 Feb 2009
#6
I'm cool.
Code:
~$ env X="() { :;} ; echo vulnerable" /bin/sh -c "echo safe"
safe
-
worktowork
Posts 0 worktowork
#7
From
I must have bash
https://lists.debian.org/debian-security-announce/2014/msg00220.html
I have bash version: 4.2+dfsg-0.1+deb7u3, so is it enough for security?
For the stable distribution (wheezy), this problem has been fixed in version 4.2+dfsg-0.1+deb7u1
-
Posts: 325
- Joined: 04 Nov 2011
#8
worktowork wrote: I have bash version: 4.2+dfsg-0.1+deb7u3, so is it enough for security?
http://en.wikipedia.org/wiki/Shellshock_(software_bug)
-
Alanarchy
Posts 0 Alanarchy
#9
Roky gave us the code to check our systems. Just paste into Roxterm:
Code:
~$ env X="() { :;} ; echo vulnerable" /bin/sh -c "echo safe"
and if it gives you "Safe" then you're safe.
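Added example, not part of any post in this thread: the probe above runs /bin/sh, which on Debian-based systems is commonly dash rather than bash, so a "safe" result from it says nothing about the installed bash. The sketch below runs the same CVE-2014-6271 probe against named shell binaries and shows what /bin/sh resolves to; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# check_shell PATH: run the thread's CVE-2014-6271 probe against one specific
# shell binary and print "vulnerable", "not vulnerable", "missing" or "unknown".
check_shell() {
    shell_path=$1
    [ -x "$shell_path" ] || { echo "missing"; return 0; }
    # A vulnerable bash runs the trailing "echo vulnerable" while importing X.
    out=$(env X='() { :;} ; echo vulnerable' "$shell_path" -c 'echo safe' 2>/dev/null) || true
    case $out in
        *vulnerable*) echo "vulnerable" ;;
        *safe*)       echo "not vulnerable" ;;
        *)            echo "unknown" ;;
    esac
}

# sh_target: print the binary that /bin/sh really points at (dash, bash, ...).
sh_target() {
    readlink -f /bin/sh 2>/dev/null || echo /bin/sh
}

# report: test bash by name as well as /bin/sh, and show what /bin/sh is.
report() {
    echo "/bin/sh resolves to: $(sh_target)"
    for candidate in /bin/bash /usr/bin/bash /bin/sh; do
        echo "$candidate: $(check_shell "$candidate")"
    done
}

report
```

Only the lines for a bash binary answer the question for this bug; run it again in a fresh session after upgrading the bash package.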
-
Posts: 667
- Joined: 01 Nov 2013
#10
Hurrah for Roky!
-
Posts: 325
- Joined: 04 Nov 2011
and what is with
http://en.wikipedia.org/wiki/Shellshock_%28software_bug%29#CVE-2014-7169
Code:
$ env X='() { (a)=>\' sh -c "echo date"; cat echo
-
Posts: 119
- Joined: 31 May 2014
#12
It does not as yet appear fixed in stable/Wheezy for MX-13 (no bash upgrades have shown up recently & the test code above fails)
-
Posts: 1,062
- Joined: 20 Jan 2010
#13
Did you apt-get update or reload in synaptic?
If so maybe post your sources here... inxi -r maybe?
-
Posts: 119
- Joined: 31 May 2014
#14
Yes, I did refresh & here are the sources:
deb http://antix.daveserver.info/stable stable main
deb http://ftp.us.debian.org/debian wheezy non-free contrib main
deb http://security.debian.org wheezy/updates non-free contrib main
deb-src http://ftp.us.debian.org/debian wheezy non-free contrib main
deb http://ftp.us.debian.org/debian wheezy-backports non-free contrib main
deb http://www.deb-multimedia.org wheezy non-free main
-
Posts: 1,062
- Joined: 20 Jan 2010
#15
Well, the only difference between my sources and yours is that the deb-src, multimedia, and backports are enabled.
Maybe try commenting them and reloading.
Other than that all I can think of is that you are still holding an old bash session and need to start a new session. I did a reboot to make sure everything was using a new session of bash.
Perhaps you could do a bash --version or dpkg --list | grep "bash" to find which bash version you have?