[AusNOG] bash bug !
Ben Cooper
ben at zeno.io
Thu Sep 25 22:43:56 EST 2014
isnt VYoS *nix based? Debian even?
Also those new Ubiqiti things are Debian based as well I think.
On Thu, Sep 25, 2014 at 10:06 PM, George Fong <george at lateralplains.com>
wrote:
> I've so far had no problems updating CENTos servers with a simple update
> of bash.
>
> I'm not sure how accurate this test is but the befores and afters seem to
> be consistent:
>
>
> https://community.qualys.com/blogs/securitylabs/2014/09/24/bash-remote-code-execution-vulnerability-cve-2014-6271
>
> Right now I am most worried about Linux based border routers and VM hosts
> such as Proxmox. The latter is Debian based.
>
> Cheers
> g.
>
>
>
> On Thu, 2014-09-25 at 16:32 +1000, Pinkerton, Eric (AU Sydney) wrote:
>
> Heads up, shellshock botnet payloads are already hitting honeypots..
>
>
>
> https://gist.github.com/anonymous/929d622f3b36b00c0be1
>
>
>
>
>
> *From:* AusNOG [mailto:ausnog-bounces at lists.ausnog.net] *On Behalf Of *Alex
> Samad - Yieldbroker
> *Sent:* Thursday, 25 September 2014 2:59 PM
> *To:* Kush, Nishchal
> *Cc:* ausnog at lists.ausnog.net
> *Subject:* Re: [AusNOG] bash bug !
>
>
>
>
> I believe the initial released patch was incomplete
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1146319
>
>
>
>
>
> A
>
>
>
> *From:* Kush, Nishchal [mailto:kush at kush.com.fj <kush at kush.com.fj>]
> *Sent:* Thursday, 25 September 2014 3:03 PM
> *To:* Alex Samad - Yieldbroker
> *Cc:* ausnog at lists.ausnog.net
> *Subject:* Re: [AusNOG] bash bug !
>
>
>
>
> Hi
>
>
>
>
> Most Linux distributions have released patches. Unfortunately you still
> need to recompile your own for Apple’s Mac OS X
>
>
>
>
>
> Cheers
>
>
> --
> Kush, Nishchal
> kush at kush.com.fj
>
>
>
>
>
>
>
> On 25 Sep 2014, at 2:40 pm, Alex Samad - Yieldbroker <
> Alex.Samad at yieldbroker.com> wrote:
>
>
>
>
>
> http://www.smh.com.au/it-pro/security-it/shell-shock-bash-bug-labelled-largest-ever-to-hit-the-internet-20140925-10ltx1.html
>
>
> https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
>
>
> Please consider the environment before printing this email. This message
> should be regarded as confidential. If you have received this email in
> error please notify the sender and destroy it immediately. Statements of
> intent shall only become binding when confirmed in hard copy by an
> authorised signatory. The contents of this email may relate to dealings
> with other companies under the control of BAE Systems Applied Intelligence
> Limited, details of which can be found at
> http://www.baesystems.com/Businesses/index.htm.
>
> _______________________________________________
> AusNOG mailing listAusNOG at lists.ausnog.nethttp://lists.ausnog.net/mailman/listinfo/ausnog
>
>
> --
>
>
>
> GPG Fingerprint: 8BAF 3175 A1C8 BF5F 3631 BEF4 727C 784A 218B 4CE4
> Just remember, wherever you go ........ there you are.
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
--
--
Ben Cooper
CEO
Zeno Holdings PTY LTD
P: +61 7 3503 8553
M: 0410411301
E: ben at zeno.io
W: *http://zeno.io <http://zeno.io>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140925/0de17a37/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: george-2014.png
Type: image/png
Size: 20375 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140925/0de17a37/attachment.png>
More information about the AusNOG
mailing list