On 09/25/2014 08:23 AM, Michael Torrie wrote: > On 09/24/2014 08:33 PM, Ryan Simpkins wrote: >> On Wed, September 24, 2014 19:32, Jeremy Pace wrote: >>> I was a little surprised to not see some posts regarding this vulnerability: >> >> We were all too busy patching systems. All patched now. Thank you SaltStack >> for making my system orchestration problems a distant memory! Responding to >> security events like this with Salt makes for a much nicer day. > > Dumb question, but since I've been living under a rock these last few > weeks and have only had chance to see the headlines, is this > vulnerability remotely exploitable with, say ssh? I've run a few tests > and I'm unable to get the exploit to work remotely unless I get the > login to succeed. Obviously I'm missing something. Can someone help me > out here? > > Also I discovered my aging Centos 5 server is not vulnerable. :)
Oops, wrong. yum update brings in the patch. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
