Announcement

Collapse
No announcement yet.

Severe shell vulnerability detected in Unix

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Evanion
    started a topic Severe shell vulnerability detected in Unix

    Severe shell vulnerability detected in Unix

    I just got a security flash from CERT-SE that informed me that there have been a severe security issue detected in unix shell.
    The vulnerability lets a potential attacker execute malicious code in the shell, and gain access to the system.

    At present there are no known workarounds for this issue, except running a WAF. To test if your system is afflicted by this issue, you can run the following command in the commandline:

    Code:
    $ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
    If your system is afflicted, you will see the following output in your shell:

    Code:
    vulnerable
    this is a test
    At present this vulnerability is known to be exploited by atleast one worm.

    For more information, see the following articles:
    https://securityblog.redhat.com/2014...ection-attack/
    http://seclists.org/oss-sec/2014/q3/649
    http://seclists.org/oss-sec/2014/q3/650

  • d2d4j
    replied
    Hi

    I wonder if this is also connected with the bots trying to take over routers, computers, IoT (internet of Things) etc... for mass bot DDoS.

    It's just a thought

    Many thanks

    John

    Leave a comment:


  • Licensecart
    replied
    Originally posted by IWorx-Brett View Post
    Actually, looks like the issue isn't fully patched yet:

    https://access.redhat.com/articles/1200223

    In any case, keeping OS Updates enabled on your InterWorx boxes is highly recommended and will ensure your box receives the updated patch when it's released by red hat.

    To check your update settings, log into NodeWorx and go to Server >> Software Updates.
    And Houston we have a problem: http://us3.campaign-archive2.com/?u=...1&e=32ff2cc196

    "We have both been made aware of some malware being spread via this vulnerability and we have seen another variant our self on our own IDS."

    Leave a comment:


  • IWorx-Brett
    replied
    Actually, looks like the issue isn't fully patched yet:

    https://access.redhat.com/articles/1200223

    In any case, keeping OS Updates enabled on your InterWorx boxes is highly recommended and will ensure your box receives the updated patch when it's released by red hat.

    To check your update settings, log into NodeWorx and go to Server >> Software Updates.

    Leave a comment:


  • IWorx-Brett
    replied
    Yes, thanks for bringing attention to this. If you have auto OS updates enabled on your InterWorx box, the update should have been applied. Otherwise, definitely run yum update to secure your system.

    Leave a comment:


  • d2d4j
    replied
    Hi Evanion

    Many thanks, your correct and one of our systems failed, but has now been patched thanks, but all other systems had already been updated.

    For those on centos, ssh in and run yum update, where you'll see bash update ready to install

    I hope your keeping well

    Many thanks

    John

    Leave a comment:

Working...
X