|
Note: all the current fixes released do not fully fix the issue. https://twitter.com/taviso/status/514887394294652929 Further fixes are coming later today (at least from Ubuntu and Red Hat, who have both commented on this further exploit).
|
# ¿ Sep 25, 2014 13:47 |
|
Do you have any embedded devices that have a web front end? Then you are likely vulnerable. Web server side of things shouldn't be that bad, as most people don't have CGI scripts on a normal website. cPanel are saying they have tested and aren't vulnerable to it, which is good; hope it's the case for the rest.

Edit: just reading that in fact it's not just a theoretical risk with just PHP, all web application languages are vulnerable, e.g. Node.js, Django, etc. Would imagine there are lots of people having a field day exploiting this, especially given a proper fix might be a while coming.

ukle fucked around with this message at 14:34 on Sep 25, 2014 |
# ¿ Sep 25, 2014 14:11 |
|
gallop w/a boner posted:
Stupid question, but what should this output if the system is vulnerable/not vulnerable?

For Vulnerable:

Vulnerable
this is a test

Non Vulnerable:

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

^beaten

Remember this is only testing the original fix; it's not testing the wider problem, which isn't fixed at all yet.
|
# ¿ Sep 25, 2014 15:43 |
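Added example, not part of the thread: a POSIX shell helper that runs the widely published local self-check against a bash binary and maps its output to the two results quoted in the post above, plus a third case (no warning at all) that later bash releases produce. The function names and verdict words are assumptions made for this sketch, and like the check itself it only covers the original flaw.

```shell
#!/bin/sh
# Added example: function names and verdict words are hypothetical.

# classify_shellshock_output TEXT
# TEXT is the combined stdout+stderr of the self-check. Prints one verdict:
#   vulnerable    trailing text after the function body was executed
#   original-fix  bash refused the function import and warned about it
#   no-import     bash ignored the variable silently (later hardening)
#   inconclusive  the harmless test command did not run at all
classify_shellshock_output() {
    out=$1
    case $out in
        *"this is a test"*) ;;
        *) echo "inconclusive"; return 0 ;;
    esac
    # Match a whole line only, so the word appearing inside a warning
    # or an unrelated message does not count.
    if printf '%s\n' "$out" | grep -qix 'vulnerable'; then
        echo "vulnerable"
    elif printf '%s\n' "$out" | grep -q 'ignoring function definition attempt'; then
        echo "original-fix"
    else
        echo "no-import"
    fi
}

# check_bash [PATH]
# Runs the self-check against one bash binary (default: bash found on PATH).
# The payload is a harmless echo and only touches the local shell.
check_bash() {
    bash_bin=${1:-bash}
    if ! command -v "$bash_bin" >/dev/null 2>&1; then
        echo "inconclusive"
        return 0
    fi
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c 'echo this is a test' 2>&1) || true
    classify_shellshock_output "$out"
}
```

Calling `check_bash /path/to/bash` for every bash binary on a host (system copy, chroots, bundled copies) gives one verdict per binary.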
|
Evidence that it's already being exploited - http://www.kernelmode.info/forum/viewtopic.php?f=16&t=3505#p23987 Patch ASAP. Note that exact malware is exploiting the same flaw in BusyBox, to take over routers to be DDoS bots.

ukle fucked around with this message at 16:34 on Sep 25, 2014 |
# ¿ Sep 25, 2014 16:29 |
|
It also affects BusyBox as well, which is where the first seen in the wild use of this exploit was found. Remember as well that the exploit still isn't fully patched, although hopefully that 'final' fix is probably due any time now.
|
# ¿ Sep 25, 2014 18:20 |
|
Nasty proof of concept to weaponise this bug via DHCP - https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/ Run a DHCP server on the network that then forces a command via the exploit to each machine as it gets a lease; given that is usually run at root level, it's potentially limitless. Just shows the potential damage for this exploit is far beyond what was first envisaged.
|
# ¿ Sep 26, 2014 18:53 |