I really like Red Hat's security blog. You can find it at securityblog.redhat.com. The two posts that deal with shellshock are: https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ https://securityblog.redhat.com/2014/09/26/frequently-asked-questions-about-the-shellshock-bash-flaws/
On Wed, Oct 1, 2014 at 3:26 AM, Dan Egli <[email protected]> wrote: > Speaking of this vulnerability, is there a web site somewhere (like > trustedsec or similar) where this vulnerability is covered in more detail? > I'd really like to learn up on it, see how it is being used and how it's > being treated (besides by patching/updating your bash and/or php programs). > > Thanks! > --- Dan > > /* > PLUG: http://plug.org, #utah on irc.freenode.net > Unsubscribe: http://plug.org/mailman/options/plug > Don't fear the penguin. > */ > /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
