Upgraded our systems at 6am yesterday for this. Also pulled the bash
.deb out of debian-stable/security for our ubiquiti edgerouters. (I made
on a post on the UBNT forumwith the CVE info yesterday.)
Side note: TONS of things are affected by this...
Josh Reynolds, Chief Information Officer
SPITwSPOTS, www.spitwspots.com <http://www.spitwspots.com>
On 09/25/2014 10:25 AM, Peter Kranz via Af wrote:
PS.. This vulnerability can be exploited via HTTP/Apache attack vectors, so you
need to patch any vulnerable system running Apache.
Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com
Desk: 510-868-1614 x100
Mobile: 510-207-0000
[email protected]
-----Original Message-----
From: Af [mailto:[email protected]] On Behalf Of Matt
via Af
Sent: Thursday, September 25, 2014 10:27 AM
To: [email protected]
Subject: [AFMUG] Bash specially-crafted environment variables code injection
attack
Bash specially-crafted environment variables code injection attack
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
