On Fri, 2014-09-26 at 10:36 +1200, Chris Hellyar wrote: > The current published/known exploit/vector from this is via apache, with > cgi enabled and a cgi script using bash as it's interpreter. > > so... a2dismod cgi on your deb/ubuntu boxes with apache, and whatever > the equiv. is on RH, can't think of it for the mo.. That will fix that > vector. >
Or just upgrade to nginx... -- Steve Holdoway BSc(Hons) MIITP http://www.greengecko.co.nz Linkedin: http://www.linkedin.com/in/steveholdoway Skype: sholdowa _______________________________________________ Linux-users mailing list [email protected] http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
