linuxducks.free-forums.org

LinuxDucks Forum Linux Operating System Club
It is currently Sat Sep 23, 2017 3:47 pm

All times are UTC - 4 hours [ DST ]




Post new topic Reply to topic  [ 9 posts ] 
Author Message
 Post subject: US-CERT: Bash Remote Code Execution Vulnerability
PostPosted: Fri Sep 26, 2014 9:45 am 
Offline
Site Admin

Joined: Sat Apr 30, 2011 4:33 am
Posts: 1530
Location: USA
US-CERT: Bourne Again Shell (Bash) Remote Code Execution Vulnerability

Fwd: Bourne Again Shell (Bash) Remote Code Execution Vulnerability

https://www.us-cert.gov/ncas/current-ac ... nerability

-------- Forwarded Message --------
Subject: Bourne Again Shell (Bash) Remote Code Execution Vulnerability
Date: Wed, 24 Sep 2014 18:17:21 -0500
From: US-CERT <US-CERT@ncas.us-cert.gov>
Reply-To: US-CERT@ncas.us-cert.gov
To: gerald309@gmail.com


NCCIC / US-CERT

National Cyber Awareness System:
Bourne Again Shell (Bash) Remote Code Execution Vulnerability
09/24/2014 06:06 PM EDT

Original release date: September 24, 2014

US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.

US-CERT recommends users and administrators review the Redhat Security Blog for additional details and to refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch. A GNU Bash patch is also available for experienced users and administrators to implement.

Operating systems with updates include:

CentOS
Debian
Redhat

This product is provided subject to this Notification and this Privacy & Use policy.
OTHER RESOURCES:
Contact Us | Security Publications | Alerts and Tips | Related Resources
STAY CONNECTED:
Sign up for email updates
This email was sent to gerald309@gmail.com using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray Lane SW Bldg 410 · Washington, DC 20598 · (703) 235-5110 Powered by GovDelivery

Posted by: Gerald309 <gerald309@gmail.com>


HOME: http://linuxducks.webs.com/
Alternates: https://sites.google.com/site/linuxducks/home
-------
Owner: http://tech.groups.yahoo.com/group/linuxducks/
RSS https://groups.google.com/forum/feed/li ... xml?num=15

RSS / OPTIONS
http://groups.google.com/group/linuxducks/feeds

MAIN DOMAIN http://bluecollarpc.us/
Windows Malware Removal / Amateur Forensics)
http://bluecollarpc.us/

_________________
ADMINISTRATOR / FORUM OWNER
HOME: http://linuxducks.webs.com/
https://sites.google.com/site/linuxducks/home
http://tech.groups.yahoo.com/group/linuxducks/
Web: https://sites.google.com/site/pcsecurityhelper/
Malware Removal / Amatuer Forensics


Top
 Profile  
 
 Post subject: Critical Bash bug opens Unix, Linux, OS X systems to attacks
PostPosted: Fri Sep 26, 2014 9:45 am 
Offline
Site Admin

Joined: Sat Apr 30, 2011 4:33 am
Posts: 1530
Location: USA
Critical Bash bug opens Unix, Linux, OS X systems to attacks
Posted on Sep 25, 2014 03:20 pm
The Bash "shellshock" flaw (CVE-2014-6271) was discovered last week by Unix/Linux specialist Stephane Chazelas, and its existence was made public on Wednesday. It affects Bash, the command interpre...
Read in browser »
http://www.net-security.org/secworld.php?id=17413

--
SENDER: gerald309 --
Have A Safe Computing Day!
Webmaster: Malware Removal/Amateur Forensics
HOME http://bluecollarpc.us/
Alternate https://sites.google.com/site/pcsecurityhelper/
HELP http://tech.groups.yahoo.com/group/Blue ... CSecurity/
Membership/Join List:
Subscribe: BlueCollarPCSecurity-subscribe@yahoogroups.com
Free Malware Removal Help / A Community Website Since 2005

_________________
ADMINISTRATOR / FORUM OWNER
HOME: http://linuxducks.webs.com/
https://sites.google.com/site/linuxducks/home
http://tech.groups.yahoo.com/group/linuxducks/
Web: https://sites.google.com/site/pcsecurityhelper/
Malware Removal / Amatuer Forensics


Top
 Profile  
 
 Post subject: Re: US-CERT: Bash Remote Code Execution VVulnerability
PostPosted: Fri Sep 26, 2014 9:47 am 
Offline
Site Admin

Joined: Sat Apr 30, 2011 4:33 am
Posts: 1530
Location: USA
Fwd: TA14-268A: GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271,CVE-2014-7169)


-------- Forwarded Message --------
Subject: TA14-268A: GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271,CVE-2014-7169)
Date: Thu, 25 Sep 2014 14:10:29 -0500
From: US-CERT <US-CERT@ncas.us-cert.gov>
Reply-To: US-CERT@ncas.us-cert.gov
To: gerald309@gmail.com


NCCIC / US-CERT

National Cyber Awareness System:
TA14-268A: GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271,CVE-2014-7169)
09/25/2014 12:56 PM EDT

https://www.us-cert.gov/ncas/alerts/TA14-268A

Original release date: September 25, 2014
Systems Affected

GNU Bash through 4.3.
Linux, BSD, and UNIX distributions including but not limited to:
CentOS 5 through 7
Debian
Mac OS X
Red Hat Enterprise Linux 4 through 7
Ubuntu 10.04 LTS, 12.04 LTS, and 14.04 LTS

Overview

A critical vulnerability has been reported in the GNU Bourne Again Shell (Bash), the common command-line shell used in most Linux/UNIX operating systems and Apple’s Mac OS X. The flaw could allow an attacker to remotely execute shell commands by attaching malicious code in environment variables used by the operating system [1]. The United States Department of Homeland Security (DHS) is releasing this Technical Alert to provide further information about the GNU Bash vulnerability.
Description

GNU Bash versions 1.14 through 4.3 contain a flaw that processes commands placed after function definitions in the added environment variable, allowing remote attackers to execute arbitrary code via a crafted environment which enables network-based exploitation. [2, 3]

Critical instances where the vulnerability may be exposed include: [4, 5]

Apache HTTP Server using mod_cgi or mod_cgid scripts either written in bash, or spawn subshells.
Override or Bypass ForceCommand feature in OpenSSH sshd and limited protection for some Git and Subversion deployments used to restrict shells and allows arbitrary command execution capabilities.
Allow arbitrary commands to run on a DHCP client machine, various Daemons and SUID/privileged programs.
Exploit servers and other Unix and Linux devices via Web requests, secure shell, telnet sessions, or other programs that use Bash to execute scripts.

Impact

This vulnerability is classified by industry standards as “High” impact with CVSS Impact Subscore 10 and “Low” on complexity, which means it takes little skill to perform. This flaw allows attackers to provide specially crafted environment variables containing arbitrary commands that can be executed on vulnerable systems. It is especially dangerous because of the prevalent use of the Bash shell and its ability to be called by an application in numerous ways.
Solution

Patches have been released to fix this vulnerability by major Linux vendors for affected versions. Solutions for CVE-2014-6271 do not completely resolve the vulnerability. It is advised to install existing patches and pay attention for updated patches to address CVE-2014-7169.

Many UNIX-like operating systems, including Linux distributions, BSD variants, and Apple Mac OS X include Bash and are likely to be affected. Contact your vendor for updated information. A list of vendors can be found in CERT Vulnerability Note VU#252743 [6].

US-CERT recommends system administrators review the vendor patches and the NIST Vulnerability Summary for CVE-2014-7169, to mitigate damage caused by the exploit.
References

Ars Technica, Bug in Bash shell creates big security hole on anything with *nix in it;
DHS NCSD; Vulnerability Summary for CVE-2014-6271
DHS NCSD; Vulnerability Summary for CVE-2014-7169
Red Hat, CVE-2014-6271
Red Hat, Bash specially-crafted environment variables code injection attack
CERT Vulnerability Note VU#252743

Revision History

September 25, 2014 - Initial Release

This product is provided subject to this Notification and this Privacy & Use policy.
OTHER RESOURCES:
Contact Us | Security Publications | Alerts and Tips | Related Resources
STAY CONNECTED:
Sign up for email updates
This email was sent to gerald309@gmail.com using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray Lane SW Bldg 410 · Washington, DC 20598 · (703) 235-5110 Powered by GovDelivery

_________________
ADMINISTRATOR / FORUM OWNER
HOME: http://linuxducks.webs.com/
https://sites.google.com/site/linuxducks/home
http://tech.groups.yahoo.com/group/linuxducks/
Web: https://sites.google.com/site/pcsecurityhelper/
Malware Removal / Amatuer Forensics


Top
 Profile  
 
 Post subject: Re: US-CERT: Bash Remote Code Execution VVulnerability
PostPosted: Mon Sep 29, 2014 6:56 am 
Offline
Site Admin

Joined: Sat Apr 30, 2011 4:33 am
Posts: 1530
Location: USA
Shellshock bug: First malware to exploit security flaw spotted in the wild
Mirror.co.uk
The first malware apparently designed to exploit the devastating Shellshock vulnerability has been discovered online, and experts think it's the tip of ...
http://www.mirror.co.uk/news/technology ... it-4323080

--
SENDER: gerald309 --
Have A Safe Computing Day!
Webmaster: Malware Removal/Amateur Forensics
HOME http://bluecollarpc.us/
Alternate https://sites.google.com/site/pcsecurityhelper/
HELP http://tech.groups.yahoo.com/group/Blue ... CSecurity/
Membership/Join List:
Subscribe: BlueCollarPCSecurity-subscribe@yahoogroups.com
Free Malware Removal Help / A Community Website Since 2005

_________________
ADMINISTRATOR / FORUM OWNER
HOME: http://linuxducks.webs.com/
https://sites.google.com/site/linuxducks/home
http://tech.groups.yahoo.com/group/linuxducks/
Web: https://sites.google.com/site/pcsecurityhelper/
Malware Removal / Amatuer Forensics


Top
 Profile  
 
 Post subject: Re: US-CERT: Bash Remote Code Execution VVulnerability
PostPosted: Mon Sep 29, 2014 6:57 am 
Offline
Site Admin

Joined: Sat Apr 30, 2011 4:33 am
Posts: 1530
Location: USA
Honeypot Snares Two Bots Exploiting Bash Vulnerability
Threatpost
A honeypot run by researchers at AlienVault Labs has snared two separate pieces of malware attempting to exploit the Bash vulnerability. One sample ...
http://threatpost.com/honeypot-snares-t ... nerability

--
SENDER: gerald309 --
Have A Safe Computing Day!
Webmaster: Malware Removal/Amateur Forensics
HOME http://bluecollarpc.us/
Alternate https://sites.google.com/site/pcsecurityhelper/
HELP http://tech.groups.yahoo.com/group/Blue ... CSecurity/
Membership/Join List:
Subscribe: BlueCollarPCSecurity-subscribe@yahoogroups.com
Free Malware Removal Help / A Community Website Since 2005

_________________
ADMINISTRATOR / FORUM OWNER
HOME: http://linuxducks.webs.com/
https://sites.google.com/site/linuxducks/home
http://tech.groups.yahoo.com/group/linuxducks/
Web: https://sites.google.com/site/pcsecurityhelper/
Malware Removal / Amatuer Forensics


Top
 Profile  
 
 Post subject: Bash Shellshock bug: More attacks, more patches
PostPosted: Thu Oct 02, 2014 7:47 am 
Offline
Site Admin

Joined: Sat Apr 30, 2011 4:33 am
Posts: 1530
Location: USA
Bash Shellshock bug: More attacks, more patches
Posted on Sep 29, 2014 06:17 pm
As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens. Initial attacks gear...
Read in browser »
http://www.net-security.org/secworld.php?id=17423

--
SENDER: gerald309 --
Have A Safe Computing Day!
Webmaster: Malware Removal/Amateur Forensics
HOME http://bluecollarpc.us/
Alternate https://sites.google.com/site/pcsecurityhelper/
HELP http://tech.groups.yahoo.com/group/Blue ... CSecurity/
Membership/Join List:
Subscribe: BlueCollarPCSecurity-subscribe@yahoogroups.com
Free Malware Removal Help / A Community Website Since 2005

_________________
ADMINISTRATOR / FORUM OWNER
HOME: http://linuxducks.webs.com/
https://sites.google.com/site/linuxducks/home
http://tech.groups.yahoo.com/group/linuxducks/
Web: https://sites.google.com/site/pcsecurityhelper/
Malware Removal / Amatuer Forensics


Top
 Profile  
 
 Post subject: Re: US-CERT: Bash Remote Code Execution VVulnerability
PostPosted: Thu Oct 02, 2014 7:50 am 
Offline
Site Admin

Joined: Sat Apr 30, 2011 4:33 am
Posts: 1530
Location: USA
Fwd: Bourne-Again Shell (Bash) Remote Code Execution Vulnerability


-------- Forwarded Message --------
Subject: Bourne-Again Shell (Bash) Remote Code Execution Vulnerability
Date: Tue, 30 Sep 2014 21:13:26 -0500
From: US-CERT <US-CERT@ncas.us-cert.gov>
Reply-To: US-CERT@ncas.us-cert.gov
To: gerald309@gmail.com


NCCIC / US-CERT

National Cyber Awareness System:
Bourne-Again Shell (Bash) Remote Code Execution Vulnerability
09/24/2014 06:06 PM EDT

Original release date: September 24, 2014 | Last revised: September 30, 2014

https://www.us-cert.gov/ncas/current-ac ... nerability

US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.

US-CERT recommends users and administrators review TA14-268A, Vulnerability Note VU#252743 and the Redhat Security Blog for additional details and to refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch. A GNU Bash patch is also available for experienced users and administrators to implement.

This product is provided subject to this Notification and this Privacy & Use policy.
OTHER RESOURCES:
Contact Us | Security Publications | Alerts and Tips | Related Resources
STAY CONNECTED:
Sign up for email updates
This email was sent to gerald309@gmail.com using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray Lane SW Bldg 410 · Washington, DC 20598 · (703) 235-5110 Powered by GovDelivery

Posted by: Gerald309

HOME: http://linuxducks.webs.com/
Alternates: https://sites.google.com/site/linuxducks/home
-------
Owner: http://tech.groups.yahoo.com/group/linuxducks/
RSS https://groups.google.com/forum/feed/li ... xml?num=15
RSS / OPTIONS:
http://groups.google.com/group/linuxducks/feeds
MAIN DOMAIN http://bluecollarpc.us/
Windows Malware Removal / Amateur Forensics)
http://bluecollarpc.us/

_________________
ADMINISTRATOR / FORUM OWNER
HOME: http://linuxducks.webs.com/
https://sites.google.com/site/linuxducks/home
http://tech.groups.yahoo.com/group/linuxducks/
Web: https://sites.google.com/site/pcsecurityhelper/
Malware Removal / Amatuer Forensics


Top
 Profile  
 
 Post subject: Attackers Rush to Exploit Bash Flaw Before Systems Are Patch
PostPosted: Fri Oct 03, 2014 1:19 pm 
Offline
Site Admin

Joined: Sat Apr 30, 2011 4:33 am
Posts: 1530
Location: USA
Attackers Rush to Exploit Bash Flaw Before Systems Are Patched
eWeek
... a variety of tools, from network scanners to malware, attempting to urgently exploit the vulnerabilities before the lion's share of systems are patched.
http://www.eweek.com/security/attackers ... tches.html

_________________
ADMINISTRATOR / FORUM OWNER
HOME: http://linuxducks.webs.com/
https://sites.google.com/site/linuxducks/home
http://tech.groups.yahoo.com/group/linuxducks/
Web: https://sites.google.com/site/pcsecurityhelper/
Malware Removal / Amatuer Forensics


Top
 Profile  
 
 Post subject: 1 Billion Attacks Hit Shellshock Flaw
PostPosted: Tue Oct 07, 2014 11:23 am 
Offline
Site Admin

Joined: Sat Apr 30, 2011 4:33 am
Posts: 1530
Location: USA
1 Billion Attacks Hit Shellshock Flaw
Sci-Tech Today
... Shellshock, also known as the Bash (Bourne-Again Shell) bug threatens to wreak havoc on Unix and Linux systems on which software from these ...
http://www.sci-tech-today.com/news/1-Bi ... 100040QCTM

--
SENDER: g.linuxducks / Creator:
LinuxDucks Linux Operating System Club
HOME: http://linuxducks.webs.com/
ALT: https://sites.google.com/site/linuxducks/home
FORUM: index.php
GROUPS:
http://tech.groups.yahoo.com/group/linuxducks/
http://groups.google.com/group/linuxducks
RSS https://groups.google.com/forum/feed/li ... xml?num=15

_________________
ADMINISTRATOR / FORUM OWNER
HOME: http://linuxducks.webs.com/
https://sites.google.com/site/linuxducks/home
http://tech.groups.yahoo.com/group/linuxducks/
Web: https://sites.google.com/site/pcsecurityhelper/
Malware Removal / Amatuer Forensics


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 9 posts ] 

All times are UTC - 4 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Design by fragilix © 2008 based on subsilver2.

This site is hosted by Free-Forums.org - get a forum for free. Get coupon codes.
MultiForums powered by echoPHP phpBB MultiForums