I am a bit confused about this bug. What is the vector to exploit this? If I 
turn off the web server daemon is the only vector then from those who can log 
in with appropriate credentials? I have an old RHEL server that no longer gets 
updates and a Debian server that suddenly apt-get does not seem to work. I have 
shut down the Debian server and turned off the web server daemon on the old 
RHEL box. Does that make it safe as long as no miscreant can log in via ssh (no 
telnet daemon in decades)? The press seems all sensational and says this is 
worse than Heartbleed but beyond that there is not much substance in what I 
have found so far. I have updated all of my RHEL/CentOS 5 & 6 boxes and run the 
test and it says I am clean, for now. For my MacOS I guess I have to wait for 
Apple. Can I tell my Mac users to turn off the web server and wait for the 
patch from Apple? Not that I think any of my Mac users have turned on the web 
server but it is the only thing that I have seen as a vector short of a login.

Comments?

Bruce


On Sep 25, 2014, at 9:22 AM, Tim O'Guin <[email protected]> wrote:

> How it can be exploited:
> 
> http://security.stackexchange.com/questions/68122/what-is-a-specific-example-of-how-the-shellshock-bash-bug-could-be-exploited/68130#68130
> 
> Patched all our systems yesterday in a few seconds with Config Management 
> Tool of Choice (TM).
> 
> 
> On Thu, Sep 25, 2014 at 9:17 AM, Holland Griffis <[email protected]> 
> wrote:
> Meh, already patched.
> 
> On Sep 25, 2014 9:14 AM, "Howard White" <[email protected]> wrote:
> Customer sent me email asking about ShellShock/bash bug vulnerability. rut 
> roh!
> 
> The first post I see says Fedora/Red Hat put up fixes.
> 
> So much for not updating systems for years and years...
> 
> Howard

-- 
-- 
You received this message because you are subscribed to the Google Groups 
"NLUG" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to 
[email protected]
For more options, visit this group at 
http://groups.google.com/group/nlug-talk?hl=en