[Fsuk-manchester] ShellShock vulnerability

fsuk-manchester

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fsuk-manchester] ShellShock vulnerability

From:	Michael Dorrington
Subject:	[Fsuk-manchester] ShellShock vulnerability
Date:	Thu, 25 Sep 2014 19:26:41 +0100
User-agent:	Mozilla/5.0 (X11; Linux i686 on x86_64; rv:24.0) Gecko/20100101 Icedove/24.8.0

In case you have been asleep all day then you might not have heard of
the ShellShock vulnerability.  This is an issue with bash and being able
to pass environmental variables to a shell instance that are then
executed.  This can potentially affect CGI scripts and sshd but also
includes "scripts executed by unspecified DHCP clients".  I recommend
you install your distro's security updates asap.

https://en.wikipedia.org/wiki/Shellshock_vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169

Regards,
Mike.

-- 
FSF member #9429
http://www.fsf.org/register_form?referrer=9429
http://www.fsf.org/about
"The Free Software Foundation (FSF) is a nonprofit with a worldwide
mission to promote computer user freedom and to defend the rights of all
free software users."

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Fsuk-manchester] ShellShock vulnerability, Michael Dorrington <=
- Re: [Fsuk-manchester] ShellShock vulnerability, Michael Dorrington, 2014/09/26
  - Re: [Fsuk-manchester] ShellShock vulnerability, Michael Dorrington, 2014/09/27
    - Re: [Fsuk-manchester] ShellShock vulnerability, Leslie I'Anson, 2014/09/29

Prev by Date: [Fsuk-manchester] Come and see Cory Doctorow talk about publishing your work in the Internet [Oct 7th]
Next by Date: Re: [Fsuk-manchester] ShellShock vulnerability
Previous by thread: [Fsuk-manchester] Come and see Cory Doctorow talk about publishing your work in the Internet [Oct 7th]
Next by thread: Re: [Fsuk-manchester] ShellShock vulnerability
Index(es):
- Date
- Thread