[AusNOG] bash bug !

Andrew Tschudi ausnogandrewtschudi at gmail.com
Thu Sep 25 22:59:25 EST 2014


So annoyed at this we spent all day patching some CentOS servers to then
find out CentOS said the patch did not fix the issue and they released a
second patch, back to the start we go.

I wonder what routers will be affected by this.

On Thu, Sep 25, 2014 at 10:49 PM, Curtis Bayne <curtis at bayne.com.au> wrote:

> Along with most embedded devices, thank heavens.
>
> If there is a busybox 0day of a similar ilk to this, it's going to be very
> interesting times for the internet. I hope that never, ever happens.
>
> -C
>
> On Thu, Sep 25, 2014 at 10:46 PM, Nathan Brookfield <
> Nathan.Brookfield at simtronic.com.au> wrote:
>
>>  VyOS and Vyatta, spot on! I think some of the Ubiquiti devices run
>> BusyBox.
>>
>> Kindest Regards,
>> Nathan Brookfield
>>
>> Chief Executive Officer
>> Simtronic Technologies Pty Ltd
>>
>>  Web: http://simtronic.com.au
>> Phone: 1300 592 330
>> Fax: (02) 4749 4950
>>
>> On 25 Sep 2014, at 22:44, Ben Cooper <ben at zeno.io> wrote:
>>
>>  isnt VYoS *nix based? Debian even?
>>
>>  Also those new Ubiqiti things are Debian based as well I think.
>>
>> On Thu, Sep 25, 2014 at 10:06 PM, George Fong <george at lateralplains.com>
>> wrote:
>>
>>>  I've so far had no problems updating CENTos servers with a simple
>>> update of bash.
>>>
>>> I'm not sure how accurate this test is but the befores and afters seem
>>> to be consistent:
>>>
>>>
>>> https://community.qualys.com/blogs/securitylabs/2014/09/24/bash-remote-code-execution-vulnerability-cve-2014-6271
>>>
>>> Right now I am most worried about Linux based border routers and VM
>>> hosts such as Proxmox. The latter is Debian based.
>>>
>>> Cheers
>>> g.
>>>
>>>
>>>
>>> On Thu, 2014-09-25 at 16:32 +1000, Pinkerton, Eric (AU Sydney) wrote:
>>>
>>> Heads up, shellshock botnet payloads are already hitting honeypots..
>>>
>>>
>>>
>>> https://gist.github.com/anonymous/929d622f3b36b00c0be1
>>>
>>>
>>>
>>>
>>>
>>>  *From:* AusNOG [mailto:ausnog-bounces at lists.ausnog.net] *On Behalf Of *Alex
>>> Samad - Yieldbroker
>>> *Sent:* Thursday, 25 September 2014 2:59 PM
>>> *To:* Kush, Nishchal
>>> *Cc:* ausnog at lists.ausnog.net
>>> *Subject:* Re: [AusNOG] bash bug !
>>>
>>>
>>>
>>>
>>> I believe the initial released patch was incomplete
>>>
>>> https://bugzilla.redhat.com/show_bug.cgi?id=1146319
>>>
>>>
>>>
>>>
>>>
>>> A
>>>
>>>
>>>
>>>  *From:* Kush, Nishchal [mailto:kush at kush.com.fj <kush at kush.com.fj>]
>>> *Sent:* Thursday, 25 September 2014 3:03 PM
>>> *To:* Alex Samad - Yieldbroker
>>> *Cc:* ausnog at lists.ausnog.net
>>> *Subject:* Re: [AusNOG] bash bug !
>>>
>>>
>>>
>>>
>>> Hi
>>>
>>>
>>>
>>>
>>>  Most Linux distributions have released patches. Unfortunately you
>>> still need to recompile your own for Apple’s Mac OS X
>>>
>>>
>>>
>>>
>>>
>>>  Cheers
>>>
>>>
>>>  --
>>> Kush, Nishchal
>>> kush at kush.com.fj
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>  On 25 Sep 2014, at 2:40 pm, Alex Samad - Yieldbroker <
>>> Alex.Samad at yieldbroker.com> wrote:
>>>
>>>
>>>
>>>
>>>
>>> http://www.smh.com.au/it-pro/security-it/shell-shock-bash-bug-labelled-largest-ever-to-hit-the-internet-20140925-10ltx1.html
>>>
>>>
>>> https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability
>>>
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>>>
>>>
>>>
>>>
>>>  Please consider the environment before printing this email. This
>>> message should be regarded as confidential. If you have received this email
>>> in error please notify the sender and destroy it immediately. Statements of
>>> intent shall only become binding when confirmed in hard copy by an
>>> authorised signatory. The contents of this email may relate to dealings
>>> with other companies under the control of BAE Systems Applied Intelligence
>>> Limited, details of which can be found at
>>> http://www.baesystems.com/Businesses/index.htm.
>>>
>>> _______________________________________________
>>> AusNOG mailing listAusNOG at lists.ausnog.nethttp://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>>>
>>>    --
>>> <george-2014.png>
>>>
>>>
>>> GPG Fingerprint: 8BAF 3175 A1C8 BF5F 3631 BEF4 727C 784A 218B 4CE4
>>> Just remember, wherever you go ........ there you are.
>>>
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>>>
>>
>>
>>  --
>>  --
>> Ben Cooper
>> CEO
>> Zeno Holdings PTY LTD
>>  P: +61 7 3503 8553
>> M: 0410411301
>> E: ben at zeno.io
>> W: *http://zeno.io <http://zeno.io>*
>>   _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140925/f3d14899/attachment.html>


More information about the AusNOG mailing list