Major security alert - Linux etc...
|
Fucking Linux :)
|
A bash patch was applied to our cpanel servers yesterday during an update.
|
https://gfy.com/showthread.php?t=1150685
Heads up though, it doesn't look like the patch fixed it completely yet. http://www.reddit.com/r/netsec/comme...l_exploitable/
|
ah that sucks
|
https://access.redhat.com/node/1200223
If you're affected, mod_security is the best way to stop this right now. If you're not using mod_security, iptables can protect you a little better than doing nothing.

Code:
iptables -I INPUT -m string --hex-string '|28 29 20 7B|' --algo bm -j DROP

|
To test if your version of Bash is vulnerable to this issue, run the following command:

Code:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the output of the above command looks as follows:

Code:
vulnerable
this is a test

you are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Thus, if you run the above example with the patched version of Bash, you should get an output similar to:

Code:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

|
already found people pinging to check for the exploit in my server logs ;[
update your servers asap! |
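The scans mentioned in the post above can be found by searching access logs for the same `() {` byte sequence that the iptables rule earlier in the thread matches (hex 28 29 20 7B). The Python below is an added example, not code from the thread; it assumes Apache/nginx "combined" log format, the sample log lines are constructed, and the function names are hypothetical.

```python
import re

# "combined" log format: ip ident user [time] "request" status size "referer" "user-agent"
COMBINED = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)"'
)

# Bash imports an environment value beginning with "() {" as a function
# definition; these are the four bytes the iptables rule matches (28 29 20 7B).
MARKER = "() {"

# Constructed sample lines (documentation IP ranges), not taken from the thread.
SAMPLE_LOG = """\
192.0.2.10 - - [25/Sep/2014:10:01:02 -0700] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [25/Sep/2014:10:01:09 -0700] "GET / HTTP/1.0" 200 0 "-" "() { :;}; echo vulnerable"
198.51.100.7 - - [25/Sep/2014:10:01:11 -0700] "GET / HTTP/1.0" 200 0 "() { :;}; echo vulnerable" "-"
203.0.113.5 - - [25/Sep/2014:10:02:30 -0700] "GET /docs HTTP/1.1" 404 0 "-" "curl/7.30"
this line is not in combined format
"""

def find_probes(lines):
    """Return (ip, time, field) for every logged field that contains MARKER."""
    hits = []
    for line in lines:
        m = COMBINED.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        for field in ("request", "referer", "agent"):
            if MARKER in m.group(field):
                hits.append((m.group("ip"), m.group("time"), field))
    return hits

def sources(hits):
    """Count hits per source address so repeat scanners stand out."""
    counts = {}
    for ip, _time, _field in hits:
        counts[ip] = counts.get(ip, 0) + 1
    return counts

if __name__ == "__main__":
    for ip, when, field in find_probes(SAMPLE_LOG.splitlines()):
        print(f"{when} {ip} marker in {field}")
```

The combined format records only the request line, Referer and User-Agent, so a marker sent in any other header will not appear in these logs; a clean result here does not show that no probing took place.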
Quote:
|
Code:
yum clean all && yum update bash