See also CVE-2014-7169 - the fix pushed out yesterday is incomplete. https://bugzilla.redhat.com/show_bug.cgi?id=1146319
The Red Hat Bugzilla report for CVE-2014-6271 is here: https://bugzilla.redhat.com/show_bug.cgi?id=1141597

Cheers,
Phil

From: [email protected] [mailto:[email protected]] On Behalf Of Dave Hardyman
Sent: 25 September 2014 13:50
To: [email protected]
Subject: RE: [NTSysADM] Major Bash Vulnerability -- ALL versions

Palo Alto Networks pushed out an emergency content update to our firewall overnight to address this vulnerability.

Dave

From: [email protected] [mailto:[email protected]] On Behalf Of Andrew S. Baker
Sent: Thursday, September 25, 2014 7:40 AM
Subject: [NTSysADM] Major Bash Vulnerability -- ALL versions

Good morning,

There has been a significant vulnerability found in a core Unix/Linux component (Bash) which affects ALL known versions of this component across every Unix-like OS. The potential impact of this vulnerability is already being compared to the Heartbleed OpenSSL vulnerability from April 2014, but the scope is much larger - approx. 500 million Unix and Unix-like systems (this includes OSX, as well as any Windows installations that are running something like Cygwin to enable Unix commands). This issue is significant because even if the Bash shell is not used manually, it can be called by other components.

More details can be found in the following articles:
* http://threatpost.com/major-bash-vulnerability-affects-linux-unix-mac-os-x
* http://www.zdnet.com/unixlinux-bash-critical-security-hole-uncovered-7000034021/
* http://askubuntu.com/questions/528101/what-is-the-cve-2014-6271-bash-vulnerability-and-how-do-i-fix-it
* https://blog.cloudflare.com/bash-vulnerability-cve-2014-6271-patched/
* https://community.qualys.com/blogs/securitylabs/2014/09/24/bash-remote-code-execution-vulnerability-cve-2014-6271
* http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-security-hole-on-anything-with-nix-in-it/
* http://seclists.org/oss-sec/2014/q3/650
* http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html

Proof of Concept Validation:
* https://community.qualys.com/blogs/securitylabs/2014/09/24/bash-remote-code-execution-vulnerability-cve-2014-6271
* https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

Operating System fixes:
* http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-security-hole-on-anything-with-nix-in-it/
* http://www.ubuntu.com/usn/usn-2362-1/
* https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

Regards,
-ASB: http://xeeme.com/AndrewBaker

Hoople Ltd, Registered in England and Wales No. 7556595
Registered office: Plough Lane, Hereford, HR4 0LE
"Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it."
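Since the thread's point is that the first bash update did not fully close the hole, a patch-verification script is the practical follow-up for anyone rolling out vendor updates. The script below is an added example, not part of the list thread; it runs the two local checks Red Hat published for CVE-2014-6271 and CVE-2014-7169 against whatever bash is on PATH, and the function name shellshock_check is my own.

```shell
#!/bin/sh
# Added example: verify that the locally installed bash is patched against
# CVE-2014-6271 and the incomplete-fix follow-up CVE-2014-7169.
# Both probes only run "echo"; the second may leave a file named "echo" in a
# scratch directory on an unpatched bash, which is what it looks for.

# Exit status: 0 = patched for both CVEs, 1 = at least one probe shows the
# bug is still present, 2 = no bash binary found (nothing to check).
shellshock_check() {
    bash_bin=$(command -v bash) || return 2

    # CVE-2014-6271: commands appended after an exported function definition
    # must not run when bash imports the environment.
    out=$(env x='() { :;}; echo VULNERABLE' "$bash_bin" -c 'echo probe' 2>/dev/null)
    case "$out" in
        *VULNERABLE*) return 1 ;;
    esac

    # CVE-2014-7169: the first patch still let a malformed definition leave
    # parser state behind, so "echo date" turned into "date > echo". A file
    # named "echo" appearing in the scratch directory means bash is affected.
    scratch=$(mktemp -d) || return 2
    ( cd "$scratch" && env X='() { (a)=>\' "$bash_bin" -c 'echo date' >/dev/null 2>&1 )
    if [ -e "$scratch/echo" ]; then
        rm -rf "$scratch"
        return 1
    fi
    rm -rf "$scratch"
    return 0
}

# Stand-alone use: print a verdict for this host.
shellshock_check
case $? in
    0) echo "bash is patched for CVE-2014-6271 and CVE-2014-7169" ;;
    1) echo "bash is still affected: apply the vendor update and re-run" ;;
    *) echo "no bash binary found on this host" ;;
esac
```

Run it on each host after the update lands; a status of 1 means the update that was applied is the incomplete one Phil refers to, or was not applied at all.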

