Interessante que no patch de ontem veio explicito que corrigiria isto.
[...]
patches/packages/bash-4.2.048-i486-2_slack14.1.txz: Rebuilt.
Patched an additional trailing string processing vulnerability discovered
by Tavis Ormandy.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
(* Security fix *)
[...]
Ja identifiquei varios malucos varrendo esta falha de forma caótica. por ex:
() { :; }; reboot
Tambem já ouvi relatos de um cara que subiu um dhcpd vulneravel na casa
dele e ownou iphone, ipad, android, smarttv.
On Fri, Sep 26, 2014 at 1:38 PM, Max Miorim <[email protected]> wrote:
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169
>
> Eu não sei porque isso não é desativado por padrão e quem quiser fazer
> este tipo de coisa no shell que use um shopt da vida para habilitar.
> :|
>
> On Fri, Sep 26, 2014 at 1:31 PM, Oda <[email protected]> wrote:
> > e vamos nos de novo...
> > --
> > Oda
> > ------------------------------------------------------
> > If you don't have time to do it right, where
> > are you going to find the time to do it over?
> > ------------------------------------------------------
> >
> >
> > On Fri, Sep 26, 2014 at 1:21 PM, J. Tozo <[email protected]> wrote:
> >> Fujam para as colinas!
> >>
> >> root@host:~# env X='() { (a)=>\' sh -c "echo vulnerable"; bash -c
> 'test'
> >> env X='() { (a)=>\' sh -c "echo vulnerable"; bash -c 'test'
> >> sh: X: line 1: syntax error near unexpected token `='
> >> sh: X: line 1: `'
> >> sh: error importing function definition for `X'
> >> vulnerable
> >>
> >> fonte:
> >> https://twitter.com/taviso/status/514887394294652929
> >>
> >>
> >>
> >> On Thu, Sep 25, 2014 at 9:07 PM, J. Tozo <[email protected]> wrote:
> >>>
> >>> Isso o (SSA:2014-268-01)
> >>>
> >>> On Thu, Sep 25, 2014 at 8:53 PM, Oda <[email protected]> wrote:
> >>>>
> >>>> instalou o de hoje, ne?
> >>>>
> >>>> On Sep 25, 2014 8:40 PM, "J. Tozo" <[email protected]> wrote:
> >>>>>
> >>>>> ufa!
> >>>>>
> >>>>> root@host:/root# env x='() { :;}; echo vulnerable' bash -c "echo
> this is
> >>>>> a test"
> >>>>> env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
> >>>>> bash: warning: x: ignoring function definition attempt
> >>>>> bash: error importing function definition for `x'
> >>>>> this is a test
> >>>>>
> >>>>>
> >>>>>
> >>>>> ---------- Forwarded message ----------
> >>>>> From: Slackware Security Team <[email protected]>
> >>>>> Date: Thu, Sep 25, 2014 at 5:38 PM
> >>>>> Subject: [slackware-security] bash (SSA:2014-268-01)
> >>>>> To: [email protected]
> >>>>>
> >>>>>
> >>>>>
> >>>>> -----BEGIN PGP SIGNED MESSAGE-----
> >>>>> Hash: SHA1
> >>>>>
> >>>>> [slackware-security] bash (SSA:2014-268-01)
> >>>>>
> >>>>> New bash packages are available for Slackware 13.0, 13.1, 13.37,
> 14.0,
> >>>>> 14.1,
> >>>>> and -current to fix a security issue.
> >>>>>
> >>>>>
> >>>>> Here are the details from the Slackware 14.1 ChangeLog:
> >>>>> +--------------------------+
> >>>>> patches/packages/bash-4.2.048-i486-2_slack14.1.txz: Rebuilt.
> >>>>> Patched an additional trailing string processing vulnerability
> >>>>> discovered
> >>>>> by Tavis Ormandy.
> >>>>> For more information, see:
> >>>>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
> >>>>> (* Security fix *)
> >>>>> +--------------------------+
> >>>>>
> >>>>>
> >>>>> Where to find the new packages:
> >>>>> +-----------------------------+
> >>>>>
> >>>>> Thanks to the friendly folks at the OSU Open Source Lab
> >>>>> (http://osuosl.org) for donating FTP and rsync hosting
> >>>>> to the Slackware project! :-)
> >>>>>
> >>>>> Also see the "Get Slack" section on http://slackware.com for
> >>>>> additional mirror sites near you.
> >>>>>
> >>>>> Updated package for Slackware 13.0:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bash-3.1.018-i486-2_slack13.0.txz
> >>>>>
> >>>>> Updated package for Slackware x86_64 13.0:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bash-3.1.018-x86_64-2_slack13.0.txz
> >>>>>
> >>>>> Updated package for Slackware 13.1:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bash-4.1.012-i486-2_slack13.1.txz
> >>>>>
> >>>>> Updated package for Slackware x86_64 13.1:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bash-4.1.012-x86_64-2_slack13.1.txz
> >>>>>
> >>>>> Updated package for Slackware 13.37:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bash-4.1.012-i486-2_slack13.37.txz
> >>>>>
> >>>>> Updated package for Slackware x86_64 13.37:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bash-4.1.012-x86_64-2_slack13.37.txz
> >>>>>
> >>>>> Updated package for Slackware 14.0:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bash-4.2.048-i486-2_slack14.0.txz
> >>>>>
> >>>>> Updated package for Slackware x86_64 14.0:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bash-4.2.048-x86_64-2_slack14.0.txz
> >>>>>
> >>>>> Updated package for Slackware 14.1:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bash-4.2.048-i486-2_slack14.1.txz
> >>>>>
> >>>>> Updated package for Slackware x86_64 14.1:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bash-4.2.048-x86_64-2_slack14.1.txz
> >>>>>
> >>>>> Updated package for Slackware -current:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/bash-4.3.025-i486-2.txz
> >>>>>
> >>>>> Updated package for Slackware x86_64 -current:
> >>>>>
> >>>>>
> ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/bash-4.3.025-x86_64-2.txz
> >>>>>
> >>>>>
> >>>>> MD5 signatures:
> >>>>> +-------------+
> >>>>>
> >>>>> Slackware 13.0 package:
> >>>>> 93780575208505d17b5305b202294e16 bash-3.1.018-i486-2_slack13.0.txz
> >>>>>
> >>>>> Slackware x86_64 13.0 package:
> >>>>> 6ec269c8e958cd6265821b480af8e5d7 bash-3.1.018-x86_64-2_slack13.0.txz
> >>>>>
> >>>>> Slackware 13.1 package:
> >>>>> 21235413470903bb8eec907acb5b3248 bash-4.1.012-i486-2_slack13.1.txz
> >>>>>
> >>>>> Slackware x86_64 13.1 package:
> >>>>> e69bacaf484e8f924c09eacd91c8c737 bash-4.1.012-x86_64-2_slack13.1.txz
> >>>>>
> >>>>> Slackware 13.37 package:
> >>>>> fa05abe5c8d6557ec1cef124e5d877ce bash-4.1.012-i486-2_slack13.37.txz
> >>>>>
> >>>>> Slackware x86_64 13.37 package:
> >>>>> 97a0005c1e0701c8912dc30f8a6f2908
> bash-4.1.012-x86_64-2_slack13.37.txz
> >>>>>
> >>>>> Slackware 14.0 package:
> >>>>> d319186a0ab7e85562684669afc878c3 bash-4.2.048-i486-2_slack14.0.txz
> >>>>>
> >>>>> Slackware x86_64 14.0 package:
> >>>>> 8835dc729d6029fc20b6b1b1df72ce13 bash-4.2.048-x86_64-2_slack14.0.txz
> >>>>>
> >>>>> Slackware 14.1 package:
> >>>>> fbb4b906de3a8f9bf5209fcc80e2a413 bash-4.2.048-i486-2_slack14.1.txz
> >>>>>
> >>>>> Slackware x86_64 14.1 package:
> >>>>> a786b69705d1ebb67fbf31df9d032699 bash-4.2.048-x86_64-2_slack14.1.txz
> >>>>>
> >>>>> Slackware -current package:
> >>>>> bba7e4260df8c4d91d99dbf13d44ec79 a/bash-4.3.025-i486-2.txz
> >>>>>
> >>>>> Slackware x86_64 -current package:
> >>>>> 7c9a285415bd636469da0cf405bb5692 a/bash-4.3.025-x86_64-2.txz
> >>>>>
> >>>>>
> >>>>> Installation instructions:
> >>>>> +------------------------+
> >>>>>
> >>>>> Upgrade the package as root:
> >>>>> # upgradepkg bash-4.2.048-i486-2_slack14.1.txz
> >>>>>
> >>>>>
> >>>>> +-----+
> >>>>>
> >>>>> Slackware Linux Security Team
> >>>>> http://slackware.com/gpg-key
> >>>>> [email protected]
> >>>>>
> >>>>>
> >>>>>
> +------------------------------------------------------------------------+
> >>>>> | To leave the slackware-security mailing list:
> >>>>> |
> >>>>>
> >>>>>
> +------------------------------------------------------------------------+
> >>>>> | Send an email to [email protected] with this text in the
> body of
> >>>>> |
> >>>>> | the email message:
> >>>>> |
> >>>>> |
> >>>>> |
> >>>>> | unsubscribe slackware-security
> >>>>> |
> >>>>> |
> >>>>> |
> >>>>> | You will get a confirmation message back containing instructions to
> >>>>> |
> >>>>> | complete the process. Please do not reply to this email address.
> >>>>> |
> >>>>>
> >>>>>
> +------------------------------------------------------------------------+
> >>>>> -----BEGIN PGP SIGNATURE-----
> >>>>> Version: GnuPG v1
> >>>>>
> >>>>> iEYEARECAAYFAlQkdUsACgkQakRjwEAQIjPl0wCfUS0xw+BCzbg4nM2MxCSvyhWx
> >>>>> U0cAmQGEPijPWxKKdy42YLW1v64qvqzh
> >>>>> =d2fH
> >>>>> -----END PGP SIGNATURE-----
> >>>>>
> >>>>>
> >>>>>
> >>>>> --
> >>>>> Grato,
> >>>>>
> >>>>> Tozo
> >>>>>
> >>>>> --
> >>>>> GUS-BR - Grupo de Usuários de Slackware Brasil
> >>>>> http://www.slackwarebrasil.org/
> >>>>> http://groups.google.com/group/slack-users-br
> >>>>>
> >>>>> Antes de perguntar:
> >>>>>
> >>>>>
> http://www.vivaolinux.com.br/artigo/Como-elaborar-perguntas-para-listas-de-discussao
> >>>>>
> >>>>> Para sair da lista envie um e-mail para:
> >>>>> [email protected]
> >>>>> ---
> >>>>> Você recebeu essa mensagem porque está inscrito no grupo "Slackware
> >>>>> Users Group - Brazil" dos Grupos do Google.
> >>>>> Para cancelar inscrição nesse grupo e parar de receber e-mails dele,
> >>>>> envie um e-mail para [email protected].
> >>>>> Para mais opções, acesse https://groups.google.com/d/optout.
> >>>>
> >>>> --
> >>>> GUS-BR - Grupo de Usuários de Slackware Brasil
> >>>> http://www.slackwarebrasil.org/
> >>>> http://groups.google.com/group/slack-users-br
> >>>>
> >>>> Antes de perguntar:
> >>>>
> >>>>
> http://www.vivaolinux.com.br/artigo/Como-elaborar-perguntas-para-listas-de-discussao
> >>>>
> >>>> Para sair da lista envie um e-mail para:
> >>>> [email protected]
> >>>> ---
> >>>> Você recebeu essa mensagem porque está inscrito no grupo "Slackware
> Users
> >>>> Group - Brazil" dos Grupos do Google.
> >>>> Para cancelar inscrição nesse grupo e parar de receber e-mails dele,
> >>>> envie um e-mail para [email protected].
> >>>> Para mais opções, acesse https://groups.google.com/d/optout.
> >>>
> >>>
> >>>
> >>>
> >>> --
> >>> Grato,
> >>>
> >>> Tozo
> >>>
> >>
> >>
> >>
> >> --
> >> Grato,
> >>
> >> Tozo
> >>
> >> --
> >> GUS-BR - Grupo de Usuários de Slackware Brasil
> >> http://www.slackwarebrasil.org/
> >> http://groups.google.com/group/slack-users-br
> >>
> >> Antes de perguntar:
> >>
> http://www.vivaolinux.com.br/artigo/Como-elaborar-perguntas-para-listas-de-discussao
> >>
> >> Para sair da lista envie um e-mail para:
> >> [email protected]
> >> ---
> >> Você recebeu essa mensagem porque está inscrito no grupo "Slackware
> Users
> >> Group - Brazil" dos Grupos do Google.
> >> Para cancelar inscrição nesse grupo e parar de receber e-mails dele,
> envie
> >> um e-mail para [email protected].
> >> Para mais opções, acesse https://groups.google.com/d/optout.
> >
> > --
> > GUS-BR - Grupo de Usuários de Slackware Brasil
> > http://www.slackwarebrasil.org/
> > http://groups.google.com/group/slack-users-br
> >
> > Antes de perguntar:
> >
> http://www.vivaolinux.com.br/artigo/Como-elaborar-perguntas-para-listas-de-discussao
> >
> > Para sair da lista envie um e-mail para:
> > [email protected]
> > ---
> > Você está recebendo esta mensagem porque se inscreveu no grupo
> "Slackware Users Group - Brazil" dos Grupos do Google.
> > Para cancelar inscrição nesse grupo e parar de receber e-mails dele,
> envie um e-mail para [email protected].
> > Para obter mais opções, acesse https://groups.google.com/d/optout.
>
> --
> GUS-BR - Grupo de Usuários de Slackware Brasil
> http://www.slackwarebrasil.org/
> http://groups.google.com/group/slack-users-br
>
> Antes de perguntar:
>
> http://www.vivaolinux.com.br/artigo/Como-elaborar-perguntas-para-listas-de-discussao
>
> Para sair da lista envie um e-mail para:
> [email protected]
> ---
> Você está recebendo esta mensagem porque se inscreveu no grupo "Slackware
> Users Group - Brazil" dos Grupos do Google.
> Para cancelar inscrição nesse grupo e parar de receber e-mails dele, envie
> um e-mail para [email protected].
> Para obter mais opções, acesse https://groups.google.com/d/optout.
>
--
Grato,
Tozo
--
GUS-BR - Grupo de Usuários de Slackware Brasil
http://www.slackwarebrasil.org/
http://groups.google.com/group/slack-users-br
Antes de perguntar:
http://www.vivaolinux.com.br/artigo/Como-elaborar-perguntas-para-listas-de-discussao
Para sair da lista envie um e-mail para:
[email protected]
---
Você está recebendo esta mensagem porque se inscreveu no grupo "Slackware Users
Group - Brazil" dos Grupos do Google.
Para cancelar inscrição nesse grupo e parar de receber e-mails dele, envie um
e-mail para [email protected].
Para obter mais opções, acesse https://groups.google.com/d/optout.
