[AusNOG] bash bug !
Nathan Brookfield
Nathan.Brookfield at simtronic.com.au
Thu Sep 25 22:46:40 EST 2014
VyOS and Vyatta, spot on! I think some of the Ubiquiti devices run BusyBox.
Kindest Regards,
Nathan Brookfield
Chief Executive Officer
Simtronic Technologies Pty Ltd
Web: http://simtronic.com.au
Phone: 1300 592 330
Fax: (02) 4749 4950
On 25 Sep 2014, at 22:44, Ben Cooper <ben at zeno.io<mailto:ben at zeno.io>> wrote:
isnt VYoS *nix based? Debian even?
Also those new Ubiqiti things are Debian based as well I think.
On Thu, Sep 25, 2014 at 10:06 PM, George Fong <george at lateralplains.com<mailto:george at lateralplains.com>> wrote:
I've so far had no problems updating CENTos servers with a simple update of bash.
I'm not sure how accurate this test is but the befores and afters seem to be consistent:
https://community.qualys.com/blogs/securitylabs/2014/09/24/bash-remote-code-execution-vulnerability-cve-2014-6271
Right now I am most worried about Linux based border routers and VM hosts such as Proxmox. The latter is Debian based.
Cheers
g.
On Thu, 2014-09-25 at 16:32 +1000, Pinkerton, Eric (AU Sydney) wrote:
Heads up, shellshock botnet payloads are already hitting honeypots..
https://gist.github.com/anonymous/929d622f3b36b00c0be1
From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net>] On Behalf Of Alex Samad - Yieldbroker
Sent: Thursday, 25 September 2014 2:59 PM
To: Kush, Nishchal
Cc: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] bash bug !
I believe the initial released patch was incomplete
https://bugzilla.redhat.com/show_bug.cgi?id=1146319
A
From: Kush, Nishchal [mailto:kush at kush.com.fj]
Sent: Thursday, 25 September 2014 3:03 PM
To: Alex Samad - Yieldbroker
Cc: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] bash bug !
Hi
Most Linux distributions have released patches. Unfortunately you still need to recompile your own for Apple’s Mac OS X
Cheers
--
Kush, Nishchal
kush at kush.com.fj<mailto:kush at kush.com.fj>
On 25 Sep 2014, at 2:40 pm, Alex Samad - Yieldbroker <Alex.Samad at yieldbroker.com<mailto:Alex.Samad at yieldbroker.com>> wrote:
http://www.smh.com.au/it-pro/security-it/shell-shock-bash-bug-labelled-largest-ever-to-hit-the-internet-20140925-10ltx1.html
https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
Please consider the environment before printing this email. This message should be regarded as confidential. If you have received this email in error please notify the sender and destroy it immediately. Statements of intent shall only become binding when confirmed in hard copy by an authorised signatory. The contents of this email may relate to dealings with other companies under the control of BAE Systems Applied Intelligence Limited, details of which can be found at http://www.baesystems.com/Businesses/index.htm.
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
--
<george-2014.png>
GPG Fingerprint: 8BAF 3175 A1C8 BF5F 3631 BEF4 727C 784A 218B 4CE4
Just remember, wherever you go ........ there you are.
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
--
--
Ben Cooper
CEO
Zeno Holdings PTY LTD
P: +61 7 3503 8553
M: 0410411301
E: ben at zeno.io<mailto:ben at zeno.io>
W: http://zeno.io
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140925/2dc750f2/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: george-2014.png
Type: image/png
Size: 20375 bytes
Desc: george-2014.png
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140925/2dc750f2/attachment.png>
More information about the AusNOG
mailing list